Lucene search
K

10 matches found

Tenable Nessus
Tenable Nessus
added 2025/09/02 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2018-11769

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - CouchDB administrative users before 2.2.0 can configure the database server via HTTPS. Due to insufficient validation of administrator-supplied configuration...

9CVSS7.8AI score0.11681EPSS
Exploits3References2
RedhatCVE
RedhatCVE
added 2022/05/21 12:23 a.m.73 views

CVE-2018-11769

CouchDB administrative users before 2.2.0 can configure the database server via HTTPS. Due to insufficient validation of administrator-supplied configuration settings via the HTTP API, it is possible for a CouchDB administrator user to escalate their privileges to that of the operating system's...

9CVSS3.6AI score0.90602EPSS
Exploits18References1
OSV
OSV
added 2019/02/14 1:45 p.m.5 views

SUSE-SU-2019:0392-1 Security update for couchdb

This update for couchdb fixes the following issues: Security issue fixed: - CVE-2018-11769: Fixed a remote code execution vulnerability by removing the config route from default.ini bsc1104204...

9CVSS7.4AI score0.08153EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2018/08/22 12:0 a.m.25 views

FreeBSD : couchdb -- administrator privilege escalation (9b19b6df-a4be-11e8-9366-0028f8d09152)

Apache CouchDB PMC reports : Database Administrator could achieve privilege escalation to the account that CouchDB runs under, by abusing insufficient validation in the HTTP API, escaping security controls implemented in previous releases. C Tenable Network Security, Inc. The descriptive text and...

9CVSS7.3AI score0.08153EPSS
Exploits0References3
NVD
NVD
added 2018/08/08 3:29 p.m.20 views

CVE-2018-11769

CouchDB administrative users before 2.2.0 can configure the database server via HTTPS. Due to insufficient validation of administrator-supplied configuration settings via the HTTP API, it is possible for a CouchDB administrator user to escalate their privileges to that of the operating system's...

9CVSS7.7AI score0.08153EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2018/08/08 3:29 p.m.28 views

CVE-2018-11769

CouchDB administrative users before 2.2.0 can configure the database server via HTTPS. Due to insufficient validation of administrator-supplied configuration settings via the HTTP API, it is possible for a CouchDB administrator user to escalate their privileges to that of the operating system's...

9CVSS7.4AI score0.08153EPSS
Exploits0References3
OSV
OSV
added 2018/08/08 3:29 p.m.3 views

UBUNTU-CVE-2018-11769

CouchDB administrative users before 2.2.0 can configure the database server via HTTPS. Due to insufficient validation of administrator-supplied configuration settings via the HTTP API, it is possible for a CouchDB administrator user to escalate their privileges to that of the operating system's...

7.2CVSS7.4AI score0.08153EPSS
Exploits0References4
OSV
OSV
added 2018/08/08 3:29 p.m.27 views

CVE-2018-11769

CouchDB administrative users before 2.2.0 can configure the database server via HTTPS. Due to insufficient validation of administrator-supplied configuration settings via the HTTP API, it is possible for a CouchDB administrator user to escalate their privileges to that of the operating system's...

7.2CVSS7.9AI score
Exploits0References6
Cvelist
Cvelist
added 2018/08/08 3:0 p.m.27 views

CVE-2018-11769

CouchDB administrative users before 2.2.0 can configure the database server via HTTPS. Due to insufficient validation of administrator-supplied configuration settings via the HTTP API, it is possible for a CouchDB administrator user to escalate their privileges to that of the operating system's...

8.8AI score0.08153EPSS
Exploits0References6
CVE
CVE
added 2018/08/08 3:0 p.m.84 views

CVE-2018-11769

CVE-2018-11769 affects CouchDB admin users prior to 2.2.0, allowing an administrator to bypass HTTP API configuration restrictions and escalate to the operating system user running CouchDB, effectively enabling arbitrary remote code execution. The issue arises from insufficient validation of admi...

9CVSS7.6AI score0.08153EPSS
Exploits0References6Affected Software1
Rows per page
Query Builder