1 matches found
CVE-2019-11466
In Couchbase Server 6.0.0/5.5.0, the Eventing service exposed an unauthenticated HTTP endpoint for the system diagnostic profile on an internal-traffic port; this was remedied in 6.0.1 and now requires valid credentials.