High severity7.5NVD Advisory· Published Nov 2, 2021· Updated Jun 17, 2026
CVE-2021-42763
CVE-2021-42763
Description
Couchbase Server before 6.6.3 and 7.x before 7.0.2 stores Sensitive Information in Cleartext. The issue occurs when the cluster manager forwards a HTTP request from the pluggable UI (query workbench etc) to the specific service. In the backtrace, the Basic Auth Header included in the HTTP request, has the "@" user credentials of the node processing the UI request.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Couchbase/Serverdescription
Patches
Vulnerability mechanics
References
2- docs.couchbase.com/server/current/release-notes/relnotes.htmlnvdRelease NotesVendor Advisory
- www.couchbase.com/alertsnvdVendor Advisory
News mentions
0No linked articles in our index yet.