Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
couchbase vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2022-32556
An issue exists in Couchbase Server prior to 7.0.4. A private key is leaked to the log files with certain crashes.
Couchbase Couchbase Server
9.8
CVSSv3
CVE-2020-24719
Exposed Erlang Cookie could lead to Remote Command Execution (RCE) attack. Communication between Erlang nodes is done by exchanging a shared secret (aka "magic cookie"). There are cases where the magic cookie is included in the content of the logs. An attacker can use t...
Couchbase Couchbase Server
9.1
CVSSv3
CVE-2019-11496
In versions of Couchbase Server before 5.0, the bucket named "default" was a special bucket that allowed read and write access without authentication. As part of 5.0, the behavior of all buckets including "default" were changed to only allow access by authenti...
Couchbase Couchbase Server
4.9
CVSSv3
CVE-2021-25643
An issue exists in Couchbase Server 5.x and 6.x prior to 6.5.2 and 6.6.x prior to 6.6.2. Internal users with administrator privileges, @cbq-engine-cbauth and @index-cbauth, leak credentials in cleartext in the indexer.log file when they make a /listCreateTokens, /listRebalanceTok...
Couchbase Couchbase Server
4.4
CVSSv3
CVE-2021-25645
An issue exists in Couchbase Server prior to 6.0.5, 6.1.x up to and including 6.5.x prior to 6.5.2, and 6.6.x prior to 6.6.1. An internal user with administrator privileges, @ns_server, leaks credentials in cleartext in the cbcollect_info.log, debug.log, ns_couchdb.log, indexer.l...
Couchbase Couchbase Server
4.9
CVSSv3
CVE-2021-33504
Couchbase Server prior to 7.1.0 has Incorrect Access Control.
Couchbase Couchbase Server
7.5
CVSSv3
CVE-2022-32557
An issue exists in Couchbase Server prior to 7.0.4. The Index Service does not enforce authentication for TCP/TLS servers.
Couchbase Couchbase Server
9.1
CVSSv3
CVE-2022-32559
An issue exists in Couchbase Server prior to 7.0.4. Random HTTP requests lead to leaked metrics.
Couchbase Couchbase Server
7.5
CVSSv3
CVE-2022-32560
An issue exists in Couchbase Server prior to 7.0.4. XDCR lacks role checking when changing internal settings.
Couchbase Couchbase Server
4.9
CVSSv3
CVE-2022-32561
An issue exists in Couchbase Server prior to 6.6.5 and 7.x prior to 7.0.4. Previous mitigations for CVE-2018-15728 were found to be insufficient when it exists that diagnostic endpoints could still be accessed from the network.
Couchbase Couchbase Server
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22460
CVE-2024-4646
CVE-2024-29212
IMAP
CVE-2023-36672
CVE-2024-34547
command injection
CVE-2024-4651
stored XSS
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »