Couchbase Server 6.5.x and 6.6.x up to and including 6.6.2 has Incorrect Access Control. Externally managed users are not prevented from using an empty password, per RFC4513.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
couchbase couchbase server |