Couchbase Server@2.0.0 Security Vulnerabilities and Issues — Couchbase Server@2.0.0 CVE List

Lucene search

CouchbaseCouchbase Server2.0.0

6 matches found

cve•added 2024/02/29 1:42 a.m.•74 views

CVE-2023-50437

An issue was discovered in Couchbase Server before 7.2.x before 7.2.4. otpCookie is shown with full admin on pools/default/serverGroups and engageCluster2.

8.6CVSS6.8AI score0.00244EPSS

Web

cve•added 2022/06/02 2:15 p.m.•56 views

CVE-2021-33504

Couchbase Server before 7.1.0 has Incorrect Access Control.

4.9CVSS5.2AI score0.00392EPSS

cve•added 2024/09/19 7:15 p.m.•50 views

CVE-2024-25673

Couchbase Server 7.6.x before 7.6.2, 7.2.x before 7.2.6, and all earlier versions allows HTTP Host header injection.

6.1CVSS7.6AI score0.00227EPSS

cve•added 2023/02/06 9:15 p.m.•44 views

CVE-2023-25016

Couchbase Server before 6.6.6, 7.x before 7.0.5, and 7.1.x before 7.1.2 exposes Sensitive Information to an Unauthorized Actor.

7.5CVSS7.5AI score0.00097EPSS

cve•added 2025/04/30 6:15 p.m.•44 views

CVE-2025-46619

A security issue has been discovered in Couchbase Server before 7.6.4 and fixed in v.7.6.4 and v.7.2.7 for Windows that could allow unauthorized access to sensitive files. Depending on the level of privileges, this vulnerability may grant access to files such as /etc/passwd or /etc/shadow.

7.6CVSS6.9AI score0.00073EPSS

cve•added 2023/11/08 10:15 p.m.•40 views

CVE-2023-36667

Couchbase Server 7.1.4 before 7.1.5 and 7.2.0 before 7.2.1 allows Directory Traversal.

7.5CVSS7.5AI score0.00941EPSS