couchdb -- administrator privilege escalation

2018-12-01T00:00:00
ID 1999A215-FC6B-11E8-8A95-AC1F6B67E138
Type freebsd
Reporter FreeBSD
Modified 2018-12-01T00:00:00

Description

Apache CouchDB PMC reports:

Database Administrator could achieve privilege escalation to the account that CouchDB runs under, by abusing insufficient validation in the HTTP API, escaping security controls implemented in previous releases.