Critical severity9.8NVD Advisory· Published Sep 29, 2021· Updated Jun 17, 2026
CVE-2021-35943
CVE-2021-35943
Description
Couchbase Server 6.5.x and 6.6.x through 6.6.2 has Incorrect Access Control. Externally managed users are not prevented from using an empty password, per RFC4513.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Couchbase/Couchbase Serverdescription
- Range: 6.5.x and 6.6.x through 6.6.2
Patches
Vulnerability mechanics
References
2- docs.couchbase.com/server/current/release-notes/relnotes.htmlnvdRelease NotesVendor Advisory
- www.couchbase.com/alertsnvdVendor Advisory
News mentions
0No linked articles in our index yet.