An issue exists in Couchbase Server prior to 6.0.5, 6.1.x up to and including 6.5.x prior to 6.5.2, and 6.6.x prior to 6.6.1. An internal user with administrator privileges, @ns_server, leaks credentials in cleartext in the cbcollect_info.log, debug.log, ns_couchdb.log, indexer.log, and stats.log files. NOTE: updating the product does not automatically address leaks that occurred in the past.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
couchbase couchbase server |