Couchbase Server@6.6.0 Security Vulnerabilities and Issues — Couchbase Server@6.6.0 CVE List

Lucene search

CouchbaseCouchbase Server6.6.0

5 matches found

CVE•added 2021/05/26 9:15 p.m.•51 views

CVE-2021-25643

An issue was discovered in Couchbase Server 5.x and 6.x before 6.5.2 and 6.6.x before 6.6.2. Internal users with administrator privileges, @cbq-engine-cbauth and @index-cbauth, leak credentials in cleartext in the indexer.log file when they make a /listCreateTokens, /listRebalanceTokens, or /listMe...

4.9CVSS5.1AI score0.00155EPSS

CVE•added 2021/09/29 8:15 p.m.•41 views

CVE-2021-35943

Couchbase Server 6.5.x and 6.6.x through 6.6.2 has Incorrect Access Control. Externally managed users are not prevented from using an empty password, per RFC4513.

9.8CVSS9.4AI score0.00365EPSS

CVE•added 2021/05/10 1:15 p.m.•39 views

CVE-2021-25645

An issue was discovered in Couchbase Server before 6.0.5, 6.1.x through 6.5.x before 6.5.2, and 6.6.x before 6.6.1. An internal user with administrator privileges, @ns_server, leaks credentials in cleartext in the cbcollect_info.log, debug.log, ns_couchdb.log, indexer.log, and stats.log files. NOTE...

4.4CVSS4.8AI score0.00051EPSS

CVE•added 2021/09/29 8:15 p.m.•36 views

CVE-2021-35944

Couchbase Server 6.5.x, 6.6.x through 6.6.2, and 7.0.0 has a Buffer Overflow. A specially crafted network packet sent from an attacker can crash memcached.

7.5CVSS7.5AI score0.00578EPSS

CVE•added 2021/09/29 8:15 p.m.•33 views

CVE-2021-35945

Couchbase Server 6.5.x, 6.6.0 through 6.6.2, and 7.0.0, has a Buffer Overflow. A specially crafted network packet sent from an attacker can crash memcached.

7.5CVSS7.5AI score0.00578EPSS