Kafdrop Security Flaw Exposes Kafka Clusters Data

Researchers at Spectral recently discovered a security flaw in Kafdrop, a popular open-source UI and management interface for Apache Kafka clusters that has been downloaded more than 20 million times.

The Kafdrop flaw has allowed the data from Kafka clusters – everything from financial transactions to mission-critical data – to be exposed internet-wide. It can give anyone their own UI to make it easy to review live Kafka clusters without authentication. Learn more about the security flaw and its impact here.