VYPR
Medium severity5.9NVD Advisory· Published May 19, 2021· Updated Jun 17, 2026

CVE-2021-27924

CVE-2021-27924

Description

An issue was discovered in Couchbase Server 6.x through 6.6.1. The Couchbase Server UI is insecurely logging session cookies in the logs. This allows for the impersonation of a user if the log files are obtained by an attacker before a session cookie expires.

Affected products

2

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.