167 matches found
Apache CouchDB <= 3.2.2, 3.3.x <= 3.3.1 Information Disclosure Vulnerability - Linux
Apache CouchDB is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Apache CouchDB <= 3.2.2, 3.3.x <= 3.3.1 Information Disclosure Vulnerability - Windows
Apache CouchDB is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Apache CouchDB Information Disclosure Vulnerability
Apache CouchDB is the United States Apache Apache Foundation's use of Erlang development of a document-oriented database system. An information disclosure vulnerability exists in Apache CouchDB, which stems from the fact that design documents with matching document IDs from databases on the same...
Apache CouchDB < 3.2.3 / 3.3.x < 3.3.2 Information Disclosure
According to its banner, the version of CouchDB running on the remote host is prior to 3.2.3 or 3.3.x prior to 3.3,2. It is, therefore, affected by an information disclosure vulnerability. Design documents with matching document IDs, from databases on the same cluster, may share a mutable...
Code injection
Design documents with matching document IDs, from databases on the same cluster, may share a mutable Javascript environment when using these design document functions: validatedocupdate list filter filter views using view functions as filters rewrite update This doesn't affect map/reduce or searc...
CVE-2023-26268
Design documents with matching document IDs, from databases on the same cluster, may share a mutable Javascript environment when using these design document functions: validatedocupdate list filter filter views using view functions as filters rewrite update This doesn't affect map/reduce or searc...
CVE-2023-26268 Apache CouchDB, IBM Cloudant: Information sharing via couchjs processes
Design documents with matching document IDs, from databases on the same cluster, may share a mutable Javascript environment when using these design document functions: validatedocupdate list filter filter views using view functions as filters rewrite update This doesn't affect map/reduce or searc...
CVE-2023-26268 Apache CouchDB, IBM Cloudant: Information sharing via couchjs processes
Design documents with matching document IDs, from databases on the same cluster, may share a mutable Javascript environment when using these design document functions: validatedocupdate list filter filter views using view functions as filters rewrite update This doesn't affect map/reduce or searc...
Apache CouchDB < 3.2.2 Privilege Escalation Vulnerability - Active Check
Apache CouchDB is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apache:couchdb";...
Metasploit Weekly Wrap-Up
C is for cookie And that’s good enough for Apache CouchDB, apparently. Our very own Jack Heysel added an exploit module based on CVE-2022-24706 targeting CouchDB prior to 3.2.2, leveraging a special default ‘monster’ cookie that allows users to run OS commands. This fake computer I just made says...
Apache CouchDB Erlang Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apache Couchdb Erlang RCE', 'Description' = %q In Apache CouchDB prior to 3.2.2, an attacker can access an improperly secured default installatio...
Apache Couchdb Erlang RCE
In Apache CouchDB prior to 3.2.2, an attacker can access an improperly secured default installation without authenticating and gain admin privileges. Module Options msf use exploit/multi/http/apachecouchdberlangrce msf exploitapachecouchdberlangrce show targets ...targets... msf...
PT-2022-37630 · Undefined · Undefined
CVE Apache CouchDB Insecure Default Initialization of Resource Vulnerability CVE-2022-08-25 Apache CouchDB содержит небезопасную инициализацию ресурсов по умолчанию, которая может позволить злоумышленнику повысить свои привилегии до уровня администратора...
Apache CouchDB Insecure Default Initialization of Resource Vulnerability
Apache CouchDB contains an insecure default initialization of resource vulnerability which can allow an attacker to escalate to administrative privileges...
Apache CouchDB Remote Code Execution (CVE-2022-24706)
A remote code execution vulnerability exists in Apache CouchDB. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Exploit for Insecure Default Initialization of Resource in Apache Couchdb
Apache CouchDB 3.2.1 - Remote Code Execution RCE CVE-2022-24...
Apache CouchDB < 3.2.2 Remote Privilege Escalation
According to its banner, the version of CouchDB running on the remote host is prior to 3.2.2 It is, therefore, potentially affected by a remote privilege escalation vulnerability. An attacker can access an improperly secured default installation without authenticating and gain admin privileges...
Apache CouchDB 3.2.1 - Remote Code Execution (RCE)
Exploit Title: Apache CouchDB 3.2.1 - Remote Code Execution RCE Date: 2022-01-21 Exploit Author: Konstantin Burov, @sadshade Software Link: https://couchdb.apache.org/ Version: 3.2.1 and below Tested on: Kali 2021.2 Based on 1F98D's Erlang Cookie - Remote Code Execution Shodan: port:4369 "name...
Apache CouchDB < 3.2.2 Privilege Escalation Vulnerability - Windows - Version Check
Apache CouchDB is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apache:couchdb";...
Apache CouchDB < 3.2.2 Privilege Escalation Vulnerability - Linux - Version Check
Apache CouchDB is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apache:couchdb";...