In Couchbase Server 6.0.3 and Couchbase Sync Gateway up to and including 2.7.0, the Cluster management, views, query, and full-text search endpoints are vulnerable to the Slowloris denial-of-service attack because they don't more aggressively terminate slow connections.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
couchbase couchbase server 6.0.3 |
||
couchbase sync gateway |