How severe is CVE-2021-38153?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.9 out of 10.

What type of vulnerability is CVE-2021-38153?

This is classified as CWE-203, which is a common weakness in software security.

CVE-2021-38153 - MEDIUM Severity | CVSS 5.9

Vulnerability Description

Some components in Apache Kafka use `Arrays.equals` to validate a password or key, which is vulnerable to timing attacks that make brute force attacks for such credentials more likely to be successful. Users should upgrade to 2.8.1 or higher, or 3.0.0 or higher where this vulnerability has been fixed. The affected versions include Apache Kafka 2.0.0, 2.0.1, 2.1.0, 2.1.1, 2.2.0, 2.2.1, 2.2.2, 2.3.0, 2.3.1, 2.4.0, 2.4.1, 2.5.0, 2.5.1, 2.6.0, 2.6.1, 2.6.2, 2.7.0, 2.7.1, and 2.8.0.

Related Vulnerabilities

CVE-2015-0837

MEDIUM

CVSS:5.9(Medium)

The mpi_powm function in Libgcrypt before 1.6.3 and GnuPG before 1.4.19 allows attackers to obtain sensitive information by leveraging timing differences when accessing a pre-computed table during mod...

CWE-2032015

CVE-2015-8313

MEDIUM

CVSS:5.9(Medium)

GnuTLS incorrectly validates the first byte of padding in CBC modes

CWE-2032015

CVE-2016-0762

MEDIUM

CVSS:5.9(Medium)

The Realm implementations in Apache Tomcat versions 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 did not process the supplied password if the supplied...

CWE-2032016

CVE-2017-1000385

MEDIUM

CVSS:5.9(Medium)

The Erlang otp TLS server answers with different TLS alerts to different error types in the RSA PKCS #1 1.5 padding. This allows an attacker to decrypt content or sign messages with the server's priva...

CWE-2032017

CVE-2017-13098

MEDIUM

CVSS:5.9(Medium)

BouncyCastle TLS prior to version 1.0.3, when configured to use the JCE (Java Cryptography Extension) for cryptographic functions, provides a weak Bleichenbacher oracle when any TLS cipher suite using...

CWE-2032017

CVE-2017-13099

MEDIUM

CVSS:5.9(Medium)

wolfSSL prior to version 3.12.2 provides a weak Bleichenbacher oracle when any TLS cipher suite using RSA key exchange is negotiated. An attacker can recover the private key from a vulnerable wolfSSL ...

CWE-2032017