4 matches found
Security Bulletin: Cloudant Local Apache CouchDB CVE-2018-17188: Remote Privilege Escalations
Summary Prior to CouchDB version 2.3.0, CouchDB allowed for runtime-configuration of key components of the database. In some cases, this lead to vulnerabilities where CouchDB admin users could access the underlying operating system as the CouchDB user. Together with other vulnerabilities, it...
Apache CouchDB < 2.3.0 Remote Privilege Escalation Vulnerability - Linux
CouchDB is prone to a remote privilege escalation vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...
Apache CouchDB < 2.3.0 Remote Privilege Escalation Vulnerability - Windows
CouchDB is prone to a remote privilege escalation vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apache:couchdb";...
CVE-2018-17188
Apache CouchDB CVE-2018-17188 affects prior to v2.3.0, where runtime-configuration of key components could let CouchDB admin users access the underlying OS as the CouchDB user. This vulnerability, together with others, could enable full system entry for unauthenticated users. Evidence in connecte...