Medium severity5.3NVD Advisory· Published Sep 10, 2019· Updated Jun 17, 2026
CVE-2019-11465
CVE-2019-11465
Description
An issue was discovered in Couchbase Server 5.5.x through 5.5.3 and 6.0.0. The Memcached "connections" stat block command emits a non-redacted username. The system information submitted to Couchbase as part of a bug report included the usernames for all users currently logged into the system even if the log was redacted for privacy. This has been fixed (in 5.5.4 and 6.0.1) so that usernames are tagged properly in the logs and are hashed out when the logs are redacted.
Affected products
2- Couchbase/Couchbase Serverdescription
- Range: 5.5.x through 5.5.3 and 6.0.0
Patches
Vulnerability mechanics
References
1- www.couchbase.com/resources/securitynvdVendor Advisory
News mentions
0No linked articles in our index yet.