Critical severity9.8NVD Advisory· Published Nov 12, 2020· Updated Jun 17, 2026
CVE-2020-24719
CVE-2020-24719
Description
Exposed Erlang Cookie could lead to Remote Command Execution (RCE) attack. Communication between Erlang nodes is done by exchanging a shared secret (aka "magic cookie"). There are cases where the magic cookie is included in the content of the logs. An attacker can use the cookie to attach to an Erlang node and run OS level commands on the system running the Erlang node. Affects version: 6.5.1. Fix version: 6.6.0.
Affected products
2- Erlang/Erlangdescription
Patches
Vulnerability mechanics
References
1- www.couchbase.com/resources/securitynvdVendor Advisory
News mentions
0No linked articles in our index yet.