Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
couchbase couchbase server vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2022-32556
An issue exists in Couchbase Server prior to 7.0.4. A private key is leaked to the log files with certain crashes.
Couchbase Couchbase Server
7.5
CVSSv3
CVE-2022-32557
An issue exists in Couchbase Server prior to 7.0.4. The Index Service does not enforce authentication for TCP/TLS servers.
Couchbase Couchbase Server
9.1
CVSSv3
CVE-2022-32559
An issue exists in Couchbase Server prior to 7.0.4. Random HTTP requests lead to leaked metrics.
Couchbase Couchbase Server
4.9
CVSSv3
CVE-2022-32561
An issue exists in Couchbase Server prior to 6.6.5 and 7.x prior to 7.0.4. Previous mitigations for CVE-2018-15728 were found to be insufficient when it exists that diagnostic endpoints could still be accessed from the network.
Couchbase Couchbase Server
7.5
CVSSv3
CVE-2022-32564
An issue exists in Couchbase Server prior to 7.0.4. In couchbase-cli, server-eshell leaks the Cluster Manager cookie.
Couchbase Couchbase Server
7.5
CVSSv3
CVE-2022-32565
An issue exists in Couchbase Server prior to 7.0.4. The Backup Service log leaks unredacted usernames and document ids.
Couchbase Couchbase Server
9.8
CVSSv3
CVE-2021-35943
Couchbase Server 6.5.x and 6.6.x up to and including 6.6.2 has Incorrect Access Control. Externally managed users are not prevented from using an empty password, per RFC4513.
Couchbase Couchbase Server
9.1
CVSSv3
CVE-2019-11496
In versions of Couchbase Server before 5.0, the bucket named "default" was a special bucket that allowed read and write access without authentication. As part of 5.0, the behavior of all buckets including "default" were changed to only allow access by authenti...
Couchbase Couchbase Server
4.9
CVSSv3
CVE-2021-25643
An issue exists in Couchbase Server 5.x and 6.x prior to 6.5.2 and 6.6.x prior to 6.6.2. Internal users with administrator privileges, @cbq-engine-cbauth and @index-cbauth, leak credentials in cleartext in the indexer.log file when they make a /listCreateTokens, /listRebalanceTok...
Couchbase Couchbase Server
6.5
CVSSv3
CVE-2021-31158
In the Query Engine in Couchbase Server 6.5.x and 6.6.x up to and including 6.6.1, Common Table Expression queries were not correctly checking the user's permissions, allowing read-access to resources beyond what those users were explicitly allowed to access.
Couchbase Couchbase Server
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
man-in-the-middle
CVE-2024-34558
CVE-2024-32674
CVE-2024-34351
XPath injection
CVE-2023-45866
CVE-2024-25528
CVE-2024-25517
path traversal
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »