Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
couchbase couchbase server - vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2022-32192
Couchbase Server 5.x up to and including 7.x prior to 7.0.4 exposes Sensitive Information to an Unauthorized Actor.
Couchbase Couchbase Server
7.5
CVSSv3
CVE-2022-32556
An issue exists in Couchbase Server prior to 7.0.4. A private key is leaked to the log files with certain crashes.
Couchbase Couchbase Server
7.5
CVSSv3
CVE-2022-32560
An issue exists in Couchbase Server prior to 7.0.4. XDCR lacks role checking when changing internal settings.
Couchbase Couchbase Server
4.9
CVSSv3
CVE-2022-32561
An issue exists in Couchbase Server prior to 6.6.5 and 7.x prior to 7.0.4. Previous mitigations for CVE-2018-15728 were found to be insufficient when it exists that diagnostic endpoints could still be accessed from the network.
Couchbase Couchbase Server
8.8
CVSSv3
CVE-2022-32562
An issue exists in Couchbase Server prior to 7.0.4. Operations may succeed on a collection using stale RBAC permission.
Couchbase Couchbase Server
7.5
CVSSv3
CVE-2022-32564
An issue exists in Couchbase Server prior to 7.0.4. In couchbase-cli, server-eshell leaks the Cluster Manager cookie.
Couchbase Couchbase Server
7.5
CVSSv3
CVE-2022-32565
An issue exists in Couchbase Server prior to 7.0.4. The Backup Service log leaks unredacted usernames and document ids.
Couchbase Couchbase Server
4.4
CVSSv3
CVE-2021-27925
An issue exists in Couchbase Server 6.5.x and 6.6.x up to and including 6.6.1. When using the View Engine and Auditing is enabled, a crash condition can (depending on a race condition) cause an internal user with administrator privileges, @ns_server, to have its credentials leake...
Couchbase Couchbase Server
4.9
CVSSv3
CVE-2021-25643
An issue exists in Couchbase Server 5.x and 6.x prior to 6.5.2 and 6.6.x prior to 6.6.2. Internal users with administrator privileges, @cbq-engine-cbauth and @index-cbauth, leak credentials in cleartext in the indexer.log file when they make a /listCreateTokens, /listRebalanceTok...
Couchbase Couchbase Server
7.5
CVSSv3
CVE-2023-45875
An issue exists in Couchbase Server 7.2.0. There is a private key leak in debug.log while adding a pre-7.0 node to a 7.2 cluster.
Couchbase Couchbase Server 7.2.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »