Couchbase Server@5.0.0 Security Vulnerabilities and Issues — Couchbase Server@5.0.0 CVE List

Lucene search

CouchbaseCouchbase Server5.0.0

3 matches found

CVE•added 2021/05/26 9:15 p.m.•51 views

CVE-2021-25643

An issue was discovered in Couchbase Server 5.x and 6.x before 6.5.2 and 6.6.x before 6.6.2. Internal users with administrator privileges, @cbq-engine-cbauth and @index-cbauth, leak credentials in cleartext in the indexer.log file when they make a /listCreateTokens, /listRebalanceTokens, or /listMe...

4.9CVSS5.1AI score0.00155EPSS

CVE•added 2021/05/19 7:15 p.m.•43 views

CVE-2021-25644

An issue was discovered in Couchbase Server 5.x and 6.x through 6.6.1 and 7.0.0 Beta. Incorrect commands to the REST API can result in leaked authentication information being stored in cleartext in the debug.log and info.log files, and is also shown in the UI visible to administrators.

7.5CVSS7.6AI score0.00175EPSS

CVE•added 2021/11/02 12:15 p.m.•30 views

CVE-2021-42763

Couchbase Server before 6.6.3 and 7.x before 7.0.2 stores Sensitive Information in Cleartext. The issue occurs when the cluster manager forwards a HTTP request from the pluggable UI (query workbench etc) to the specific service. In the backtrace, the Basic Auth Header included in the HTTP request, ...

7.5CVSS7.4AI score0.00162EPSS