VYPR
Medium severity4.4NVD Advisory· Published May 19, 2021· Updated Jun 17, 2026

CVE-2021-27925

CVE-2021-27925

Description

An issue was discovered in Couchbase Server 6.5.x and 6.6.x through 6.6.1. When using the View Engine and Auditing is enabled, a crash condition can (depending on a race condition) cause an internal user with administrator privileges, @ns_server, to have its credentials leaked in cleartext in the ns_server.info.log file.

Affected products

2
  • Couchbase/Couchbase Serverdescription
  • Couchbase/Serverllm-fuzzy
    Range: 6.5.x and 6.6.x through 6.6.1

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.