Lucene search

MitreVULNRICHMENT:CVE-2023-43768

HistoryMar 27, 2024 - 12:00 a.m.

CVE-2023-43768

2024-03-2700:00:00

mitre

github.com

couchbase server

memory exhaustion

unauthenticated access

AI Score

6.9

Confidence

Low

SSVC

Exploitation

none

Automatable

yes

Technical Impact

partial

JSON

An issue was discovered in Couchbase Server 6.6.x through 7.2.0, before 7.1.5 and 7.2.1. Unauthenticated users may cause memcached to run out of memory via large commands.

ADP Affected

[
  {
    "cpes": [
      "cpe:2.3:a:couchbase:couchbase_server:6.6.0:*:*:*:*:*:*:*"
    ],
    "vendor": "couchbase",
    "product": "couchbase_server",
    "versions": [
      {
        "status": "affected",
        "version": "6.6.0",
        "lessThan": "7.1.5",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "cpes": [
      "cpe:2.3:a:couchbase:couchbase_server:7.2.0:*:*:*:*:*:*:*"
    ],
    "vendor": "couchbase",
    "product": "couchbase_server",
    "versions": [
      {
        "status": "affected",
        "version": "7.2.0",
        "lessThan": "7.2.1",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  }
]

References

docs.couchbase.com/server/current/release-notes/relnotes.html

forums.couchbase.com/tags/security

www.couchbase.com/alerts/

www.couchbase.com/downloads