The kafka-sink-azure-kusto plugin for Azure Data Explorer prior to version 5.2.3 improperly neutralizes special elements in data query logic (CWE-943). Specifically, user-controlled values in the kusto.tables.topics.mapping configuration are directly interpolated into KQL management commands without sanitization. This allows an attacker with permission to edit Kafka Connect connector configurations to inject KQL metacharacters such as semicolons, pipes, or quotes, leading to arbitrary command execution in the context of the connector's service principal. This can result in unauthorized schema enumeration, modification, ingestion mapping tampering, or changes to streaming and retention policies. Exploitation requires privileged configuration access and no end-user or Kafka record interaction. The vulnerability is fixed in version 5.2.3, and the vendor provides an official patch. As this is a cloud service, remediation is managed by the vendor.

Successful exploitation allows an attacker with privileged access to connector configurations to execute arbitrary KQL management commands with the permissions of the connector's service principal. This can lead to unauthorized schema enumeration and modification, tampering with ingestion mappings, and altering streaming or retention policies on the target Azure Data Explorer database. There is no impact on availability, and exploitation does not require end-user interaction or Kafka record payload manipulation.

An official fix is available in kafka-sink-azure-kusto version 5.2.3. Users should upgrade to this version or later to remediate the vulnerability. Since this is a cloud-hosted service, the vendor manages remediation for the service; users should verify with the vendor advisory that their environment is updated. No additional mitigation actions are required beyond applying the official fix.