Cleartext Storage of Sensitive Information
Lightbend Alpakka Kafka prior to 4.0.1, logs its configuration as debug information, and thus log files may contain credentials (if plain cleartext login is configured). This occurs in ''akka.kafka.internal.KafkaConsumerActor''.
CWE-312 - Cleartext Storage of Sensitive Information
The application stores sensitive information in cleartext within a resource that might be accessible to another control sphere.