Page 2 of 9 results (0.005 seconds)

CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0

Couchbase Server before 6.6.6, 7.x before 7.0.5, and 7.1.x before 7.1.2 exposes Sensitive Information to an Unauthorized Actor. • https://docs.couchbase.com/server/current/release-notes/relnotes.html https://forums.couchbase.com/tags/security https://www.couchbase.com/alerts • CWE-319: Cleartext Transmission of Sensitive Information •

CVSS: 8.1EPSS: 0%CPEs: 3EXPL: 0

An issue was discovered in Couchbase Server 6.5.x and 6.6.x before 6.6.6, 7.x before 7.0.5, and 7.1.x before 7.1.2. During the start-up of a Couchbase Server node, there is a small window of time (before the cluster management authentication has started) where an attacker can connect to the cluster manager using default credentials. • https://docs.couchbase.com/server/current/release-notes/relnotes.html https://forums.couchbase.com/tags/security https://www.couchbase.com/alerts • CWE-287: Improper Authentication CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

An issue was discovered in Couchbase Server before 7.0.4. A private key is leaked to the log files with certain crashes. Se ha detectado un problema en Couchbase Server versiones anteriores a 7.0.4. Una clave privada es filtrada a los archivos de registro con determinados bloqueos • https://docs.couchbase.com/server/current/release-notes/relnotes.html https://forums.couchbase.com/tags/security https://www.couchbase.com/alerts • CWE-532: Insertion of Sensitive Information into Log File •

CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0

In Couchbase Server 7.1.x before 7.1.1, an encrypted Private Key passphrase may be leaked in the logs. En Couchbase Server versiones 7.1.x anteriores a 7.1.1, una frase de contraseña encriptada de la clave privada puede filtrarse en los registros • https://www.couchbase.com/alerts • CWE-532: Insertion of Sensitive Information into Log File •