exploitDog

CVE-2022-33911

Опубликовано: 12 июл. 2022

Источник: nvd

CVSS3: 5.3

CVSS2: 5

EPSS Низкий

Описание

An issue was discovered in Couchbase Server 7.x before 7.0.4. Field names are not redacted in logged validation messages for Analytics Service. An Unauthorized Actor may be able to obtain Sensitive Information.

Ссылки

https://docs.couchbase.com/server/current/release-notes/relnotes.html
Release Notes
Vendor Advisory
https://forums.couchbase.com/tags/security
Vendor Advisory
https://www.couchbase.com/alerts
Vendor Advisory
https://docs.couchbase.com/server/current/release-notes/relnotes.html
Release Notes
Vendor Advisory
https://forums.couchbase.com/tags/security
Vendor Advisory
https://www.couchbase.com/alerts
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:couchbase:couchbase_server:*:*:*:*:*:*:*:*

Версия от 6.5.0 (включая) до 7.0.4 (исключая)

EPSS

Процентиль: 65%

0.00486

Низкий

5.3 Medium

CVSS3

5 Medium

CVSS2

Дефекты

CWE-532

Связанные уязвимости

GHSA-34h9-hw7w-7v67

CVSS3: 5.3

github

больше 3 лет назад

An issue was discovered in Couchbase Server 7.x before 7.0.4. Field names are not redacted in logged validation messages for Analytics Service. An Unauthorized Actor may be able to obtain Sensitive Information.

EPSS

Процентиль: 65%

0.00486

Низкий

5.3 Medium

CVSS3

5 Medium

CVSS2

Дефекты

CWE-532