Lucene search
K

8 matches found

Check Point Advisories
Check Point Advisories
added 2019/02/20 12:0 a.m.1 views

Apache CouchDB Command Execution (CVE-2018-8007)

A command execution vulnerability has been reported in CouchDB. The vulnerability is due to a design flaw where certain configuration options that specify paths for operating system level binaries launched by CouchDB are modifiable via HTTP. A remote, authenticated attacker could exploit this...

9CVSS2.3AI score0.11681EPSS
Exploits3
OpenVAS
OpenVAS
added 2018/08/09 12:0 a.m.33 views

Apache CouchDB 1.x < 1.7.2, 2.x < 2.1.2 Privilege Escalation Vulnerability - Linux

Apache CouchDB is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apache:couchdb";...

9CVSS7.1AI score0.11681EPSS
Exploits3References2
OpenVAS
OpenVAS
added 2018/08/08 12:0 a.m.24 views

Apache CouchDB 1.x < 1.7.2, 2.x < 2.1.2 Privilege Escalation Vulnerability - Windows

Apache CouchDB is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apache:couchdb";...

9CVSS7.1AI score0.11681EPSS
Exploits3References2
Tenable Nessus
Tenable Nessus
added 2018/07/12 12:0 a.m.40 views

FreeBSD : couchdb -- multiple vulnerabilities (1e54d140-8493-11e8-a795-0028f8d09152)

Apache CouchDB PMC reports : Database Administrator could achieve privilege escalation to the account that CouchDB runs under, by abusing insufficient validation in the HTTP API, escaping security controls implemented in previous releases. C Tenable Network Security, Inc. The descriptive text and...

10CVSS7.9AI score0.99838EPSS
Exploits24References7
NVD
NVD
added 2018/07/11 1:29 p.m.23 views

CVE-2018-8007

Apache CouchDB administrative users can configure the database server via HTTPS. Due to insufficient validation of administrator-supplied configuration settings via the HTTP API, it is possible for a CouchDB administrator user to escalate their privileges to that of the operating system's user th...

9CVSS7.7AI score0.11681EPSS
Exploits3References9
UbuntuCve
UbuntuCve
added 2018/07/11 1:29 p.m.23 views

CVE-2018-8007

Apache CouchDB administrative users can configure the database server via HTTPS. Due to insufficient validation of administrator-supplied configuration settings via the HTTP API, it is possible for a CouchDB administrator user to escalate their privileges to that of the operating system's user th...

9CVSS7.3AI score0.11681EPSS
Exploits3References4
OSV
OSV
added 2018/07/11 1:29 p.m.49 views

CVE-2018-8007

Apache CouchDB administrative users can configure the database server via HTTPS. Due to insufficient validation of administrator-supplied configuration settings via the HTTP API, it is possible for a CouchDB administrator user to escalate their privileges to that of the operating system's user th...

7.2CVSS7.9AI score0.11681EPSS
Exploits3References9
Cvelist
Cvelist
added 2018/07/11 1:0 p.m.35 views

CVE-2018-8007

Apache CouchDB administrative users can configure the database server via HTTPS. Due to insufficient validation of administrator-supplied configuration settings via the HTTP API, it is possible for a CouchDB administrator user to escalate their privileges to that of the operating system's user th...

8.8AI score0.11681EPSS
Exploits3References9
Rows per page
Query Builder