Couchbase
Products
10- 45 CVEs
- 15 CVEs
- 4 CVEs
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 0 CVEs
Recent CVEs
64| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-24719 | Cri | 0.69 | 9.8 | 0.23 | Nov 12, 2020 | Exposed Erlang Cookie could lead to Remote Command Execution (RCE) attack. Communication between Erlang nodes is done by exchanging a shared secret (aka "magic cookie"). There are cases where the magic cookie is included in the content of the logs. An attacker can use the cookie… | ||
| CVE-2023-49931 | Cri | 0.64 | 9.8 | 0.01 | Feb 29, 2024 | An issue was discovered in Couchbase Server before 7.2.4. SQL++ cURL calls to /diag/eval are not sufficiently restricted. | ||
| CVE-2023-49930 | Cri | 0.64 | 9.8 | 0.01 | Feb 29, 2024 | An issue was discovered in Couchbase Server before 7.2.4. cURL calls to /diag/eval are not sufficiently restricted. | ||
| CVE-2022-32563 | Cri | 0.64 | 9.8 | 0.01 | Jun 10, 2022 | An issue was discovered in Couchbase Sync Gateway 3.x before 3.0.2. Admin credentials are not verified when using X.509 client-certificate authentication from Sync Gateway to Couchbase Server. When Sync Gateway is configured to authenticate with Couchbase Server using X.509… | ||
| CVE-2021-35943 | Cri | 0.64 | 9.8 | 0.01 | Sep 29, 2021 | Couchbase Server 6.5.x and 6.6.x through 6.6.2 has Incorrect Access Control. Externally managed users are not prevented from using an empty password, per RFC4513. | ||
| CVE-2020-9039 | Cri | 0.64 | 9.8 | 0.04 | Feb 22, 2020 | Couchbase Server 4.0.0, 4.1.0, 4.1.1, 4.5.0, 4.5.1, 4.6.0 through 4.6.5, 5.0.0, 5.1.1, 5.5.0 and 5.5.1 have Insecure Permissions for the projector and indexer REST endpoints (they allow unauthenticated access).The /settings REST endpoint exposed by the projector process is an… | ||
| CVE-2019-11495 | Cri | 0.64 | 9.8 | 0.02 | Sep 10, 2019 | In Couchbase Server 5.1.1, the cookie used for intra-node communication was not generated securely. Couchbase Server uses erlang:now() to seed the PRNG which results in a small search space for potential random seeds that could then be used to brute force the cookie and execute… | ||
| CVE-2022-32559 | Cri | 0.59 | 9.1 | 0.01 | Jun 14, 2022 | An issue was discovered in Couchbase Server before 7.0.4. Random HTTP requests lead to leaked metrics. | ||
| CVE-2019-11496 | Cri | 0.59 | 9.1 | 0.01 | Sep 10, 2019 | In versions of Couchbase Server prior to 5.0, the bucket named "default" was a special bucket that allowed read and write access without authentication. As part of 5.0, the behavior of all buckets including "default" were changed to only allow access by authenticated users with… | ||
| CVE-2022-32562 | Hig | 0.57 | 8.8 | 0.01 | Jun 13, 2022 | An issue was discovered in Couchbase Server before 7.0.4. Operations may succeed on a collection using stale RBAC permission. | ||
| CVE-2020-9042 | Hig | 0.57 | 8.8 | 0.01 | Jun 8, 2020 | In Couchbase Server 6.0, credentials cached by a browser can be used to perform a CSRF attack if an administrator has used their browser to check the results of a REST API request. | ||
| CVE-2018-15728 | Hig | 0.57 | 8.8 | 0.03 | Aug 24, 2018 | Couchbase Server exposed the '/diag/eval' endpoint which by default is available on TCP/8091 and/or TCP/18091. Authenticated users that have 'Full Admin' role assigned could send arbitrary Erlang code to the 'diag/eval' endpoint of the API and the code would subsequently be… | ||
| CVE-2023-50437 | Hig | 0.56 | 8.6 | 0.01 | Feb 29, 2024 | An issue was discovered in Couchbase Server before 7.2.x before 7.2.4. otpCookie is shown with full admin on pools/default/serverGroups and engageCluster2. | ||
| CVE-2022-42951 | Hig | 0.53 | 8.1 | 0.01 | Feb 6, 2023 | An issue was discovered in Couchbase Server 6.5.x and 6.6.x before 6.6.6, 7.x before 7.0.5, and 7.1.x before 7.1.2. During the start-up of a Couchbase Server node, there is a small window of time (before the cluster management authentication has started) where an attacker can… | ||
| CVE-2021-43963 | Hig | 0.53 | 8.1 | 0.01 | Dec 7, 2021 | An issue was discovered in Couchbase Sync Gateway 2.7.0 through 2.8.2. The bucket credentials used to read and write data in Couchbase Server were insecurely being stored in the metadata within sync documents written to the bucket. Users with read access could use these… | ||
| CVE-2025-46619 | Hig | 0.49 | 7.6 | 0.00 | Apr 30, 2025 | A security issue has been discovered in Couchbase Server before 7.6.4 and fixed in v.7.6.4 and v.7.2.7 for Windows that could allow unauthorized access to sensitive files. Depending on the level of privileges, this vulnerability may grant access to files such as /etc/passwd or… | ||
| CVE-2023-43768 | Hig | 0.49 | 7.5 | 0.01 | Mar 27, 2024 | An issue was discovered in Couchbase Server 6.6.x through 7.2.0, before 7.1.5 and 7.2.1. Unauthenticated users may cause memcached to run out of memory via large commands. | ||
| CVE-2024-23302 | Hig | 0.49 | 7.5 | 0.01 | Feb 29, 2024 | Couchbase Server before 7.2.4 has a private key leak in goxdcr.log. | ||
| CVE-2023-49338 | Hig | 0.49 | 7.5 | 0.01 | Feb 28, 2024 | Couchbase Server 7.1.x and 7.2.x before 7.2.4 does not require authentication for the /admin/stats and /admin/vitals endpoints on TCP port 8093 of localhost. | ||
| CVE-2023-36667 | Hig | 0.49 | 7.5 | 0.01 | Nov 8, 2023 | Couchbase Server 7.1.4 before 7.1.5 and 7.2.0 before 7.2.1 allows Directory Traversal. |
- risk 0.69cvss 9.8epss 0.23
Exposed Erlang Cookie could lead to Remote Command Execution (RCE) attack. Communication between Erlang nodes is done by exchanging a shared secret (aka "magic cookie"). There are cases where the magic cookie is included in the content of the logs. An attacker can use the cookie…
- risk 0.64cvss 9.8epss 0.01
An issue was discovered in Couchbase Server before 7.2.4. SQL++ cURL calls to /diag/eval are not sufficiently restricted.
- risk 0.64cvss 9.8epss 0.01
An issue was discovered in Couchbase Server before 7.2.4. cURL calls to /diag/eval are not sufficiently restricted.
- risk 0.64cvss 9.8epss 0.01
An issue was discovered in Couchbase Sync Gateway 3.x before 3.0.2. Admin credentials are not verified when using X.509 client-certificate authentication from Sync Gateway to Couchbase Server. When Sync Gateway is configured to authenticate with Couchbase Server using X.509…
- risk 0.64cvss 9.8epss 0.01
Couchbase Server 6.5.x and 6.6.x through 6.6.2 has Incorrect Access Control. Externally managed users are not prevented from using an empty password, per RFC4513.
- risk 0.64cvss 9.8epss 0.04
Couchbase Server 4.0.0, 4.1.0, 4.1.1, 4.5.0, 4.5.1, 4.6.0 through 4.6.5, 5.0.0, 5.1.1, 5.5.0 and 5.5.1 have Insecure Permissions for the projector and indexer REST endpoints (they allow unauthenticated access).The /settings REST endpoint exposed by the projector process is an…
- risk 0.64cvss 9.8epss 0.02
In Couchbase Server 5.1.1, the cookie used for intra-node communication was not generated securely. Couchbase Server uses erlang:now() to seed the PRNG which results in a small search space for potential random seeds that could then be used to brute force the cookie and execute…
- risk 0.59cvss 9.1epss 0.01
An issue was discovered in Couchbase Server before 7.0.4. Random HTTP requests lead to leaked metrics.
- risk 0.59cvss 9.1epss 0.01
In versions of Couchbase Server prior to 5.0, the bucket named "default" was a special bucket that allowed read and write access without authentication. As part of 5.0, the behavior of all buckets including "default" were changed to only allow access by authenticated users with…
- risk 0.57cvss 8.8epss 0.01
An issue was discovered in Couchbase Server before 7.0.4. Operations may succeed on a collection using stale RBAC permission.
- risk 0.57cvss 8.8epss 0.01
In Couchbase Server 6.0, credentials cached by a browser can be used to perform a CSRF attack if an administrator has used their browser to check the results of a REST API request.
- risk 0.57cvss 8.8epss 0.03
Couchbase Server exposed the '/diag/eval' endpoint which by default is available on TCP/8091 and/or TCP/18091. Authenticated users that have 'Full Admin' role assigned could send arbitrary Erlang code to the 'diag/eval' endpoint of the API and the code would subsequently be…
- risk 0.56cvss 8.6epss 0.01
An issue was discovered in Couchbase Server before 7.2.x before 7.2.4. otpCookie is shown with full admin on pools/default/serverGroups and engageCluster2.
- risk 0.53cvss 8.1epss 0.01
An issue was discovered in Couchbase Server 6.5.x and 6.6.x before 6.6.6, 7.x before 7.0.5, and 7.1.x before 7.1.2. During the start-up of a Couchbase Server node, there is a small window of time (before the cluster management authentication has started) where an attacker can…
- risk 0.53cvss 8.1epss 0.01
An issue was discovered in Couchbase Sync Gateway 2.7.0 through 2.8.2. The bucket credentials used to read and write data in Couchbase Server were insecurely being stored in the metadata within sync documents written to the bucket. Users with read access could use these…
- risk 0.49cvss 7.6epss 0.00
A security issue has been discovered in Couchbase Server before 7.6.4 and fixed in v.7.6.4 and v.7.2.7 for Windows that could allow unauthorized access to sensitive files. Depending on the level of privileges, this vulnerability may grant access to files such as /etc/passwd or…
- risk 0.49cvss 7.5epss 0.01
An issue was discovered in Couchbase Server 6.6.x through 7.2.0, before 7.1.5 and 7.2.1. Unauthenticated users may cause memcached to run out of memory via large commands.
- risk 0.49cvss 7.5epss 0.01
Couchbase Server before 7.2.4 has a private key leak in goxdcr.log.
- risk 0.49cvss 7.5epss 0.01
Couchbase Server 7.1.x and 7.2.x before 7.2.4 does not require authentication for the /admin/stats and /admin/vitals endpoints on TCP port 8093 of localhost.
- risk 0.49cvss 7.5epss 0.01
Couchbase Server 7.1.4 before 7.1.5 and 7.2.0 before 7.2.1 allows Directory Traversal.