Apache Kafka is an open source distributed streaming platform developed by the Apache Software Foundation in the United States. A timing attack vulnerability exists in some versions of Apache Kafka, which enables access to real-time data for building applications that react in real time to changes in the data stream. The vulnerability is primarily due to Kafka’s use of the Arrays.equals component for key or password authentication, which can be used by attackers to brute-force users who use such credentials to authenticate their identities, thereby gaining access to credentials and elevating system privileges.