Описание
An issue was discovered in Couchbase Server 5.x and 6.x through 6.6.1 and 7.0.0 Beta. Incorrect commands to the REST API can result in leaked authentication information being stored in cleartext in the debug.log and info.log files, and is also shown in the UI visible to administrators.
Ссылки
- ProductVendor Advisory
- Vendor Advisory
- ProductVendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 5.0.0 (включая) до 6.6.1 (включая)
Одно из
cpe:2.3:a:couchbase:couchbase_server:*:*:*:*:*:*:*:*
cpe:2.3:a:couchbase:couchbase_server:7.0.0:beta:*:*:*:*:*:*
EPSS
Процентиль: 41%
0.00187
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-312
Связанные уязвимости
github
больше 3 лет назад
An issue was discovered in Couchbase Server 5.x and 6.x through 6.6.1 and 7.0.0 Beta. Incorrect commands to the REST API can result in leaked authentication information being stored in cleartext in the debug.log and info.log files, and is also shown in the UI visible to administrators.
EPSS
Процентиль: 41%
0.00187
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-312