CVE-2025-27817
HIGHCVSS v3
7.5
HIGH
EPSS Score
25.1%
exploit probability
CISA KEV
No
known exploited
Exploitation
—
SSVC status
Description
A possible arbitrary file read and SSRF vulnerability has been identified in Apache Kafka Client. Apache Kafka Clients accept configuration data for setting the SASL/OAUTHBEARER connection with the brokers, including "sasl.oauthbearer.token.endpoint.url" and "sasl.oauthbearer.jwks.endpoint.url". Apache Kafka allows clients to read an arbitrary file and return the content in the error log, or sending requests to an unintended location. In applications where Apache Kafka Clients configurations can
Technical Details
- CVSS v3 Vector
- 3.1
- Published
- 6/10/2025
- Last Modified
- 7/11/2025
Frequently Asked Questions
What is CVE-2025-27817?
A possible arbitrary file read and SSRF vulnerability has been identified in Apache Kafka Client. Apache Kafka Clients accept configuration data for setting the SASL/OAUTHBEARER connection with the brokers, including "sasl.oauthbearer.token.endpoint.url" and "sasl.oauthbearer.jwks.endpoint.url". Apache Kafka allows clients to read an arbitrary file and return the content in the error log, or sending requests to an unintended location. In applications where Apache Kafka Clients configurations can
Is CVE-2025-27817 actively exploited?
Active exploitation of CVE-2025-27817 has not been confirmed. The EPSS score is 25.1%, indicating the estimated probability of exploitation in the next 30 days.
What is the CVSS score for CVE-2025-27817?
CVE-2025-27817 has a CVSS v3 base score of 7.5 (HIGH severity), with vector string 3.1.
Is CVE-2025-27817 affecting your environment?
Use isMalicious to check if any of your IPs or domains are associated with this vulnerability's IOCs.