Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
couchbase couchbase server vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-43768
An issue exists in Couchbase Server 6.6.x up to and including 7.2.0, prior to 7.1.5 and 7.2.1. Unauthenticated users may cause memcached to run out of memory via large commands.
NA
CVE-2024-23302
Couchbase Server prior to 7.2.4 has a private key leak in goxdcr.log.
NA
CVE-2023-50436
An issue exists in Couchbase Server prior to 7.2.4. ns_server admin credentials are leaked in encoded form in the diag.log file. The earliest affected version is 7.1.5.
NA
CVE-2023-50437
An issue exists in Couchbase Server prior to 7.2.x prior to 7.2.4. otpCookie is shown with full admin on pools/default/serverGroups and engageCluster2.
NA
CVE-2023-43769
An issue exists in Couchbase Server up to and including 7.1.4 prior to 7.1.5 and prior to 7.2.1. There are Unauthenticated RMI Service Ports Exposed in Analytics.
NA
CVE-2023-49930
An issue exists in Couchbase Server prior to 7.2.4. cURL calls to /diag/eval are not sufficiently restricted.
NA
CVE-2023-49931
An issue exists in Couchbase Server prior to 7.2.4. SQL++ cURL calls to /diag/eval are not sufficiently restricted.
NA
CVE-2023-49932
An issue exists in Couchbase Server prior to 7.2.4. An attacker can bypass SQL++ N1QL cURL host restrictions.
NA
CVE-2023-45874
An issue exists in Couchbase Server up to and including 7.2.2. A data reader may cause a denial of service (outage of reader threads).
NA
CVE-2023-49338
Couchbase Server 7.1.x and 7.2.x prior to 7.2.4 does not require authentication for the /admin/stats and /admin/vitals endpoints on TCP port 8093 of localhost.
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »