CVSS: 9.0EPSS: 3%CPEs: 6EXPL: 4CVE-2017-12636 – Apache CouchDB - Arbitrary Command Execution
https://notcve.org/view.php?id=CVE-2017-12636
CouchDB administrative users can configure the database server via HTTP(S). Some of the configuration options include paths for operating system-level binaries that are subsequently launched by CouchDB. This allows an admin user in Apache CouchDB before 1.7.0 and 2.x before 2.1.1 to execute arbitrary shell commands as the CouchDB user, including downloading and executing scripts from the public internet. Los usuarios administrativos de CouchDB pueden configurar el servidor de la base de datos mediante HTTP(S). Algunas de las opciones de configuración incluyen rutas para operar binarios a nivel de sistema que son iniciados subsecuentemente por CouchDB. • https://www.exploit-db.com/exploits/45019 https://www.exploit-db.com/exploits/44913 https://github.com/XTeam-Wing/CVE-2017-12636 https://github.com/moayadalmalat/CVE-2017-12636 https://lists.apache.org/thread.html/6c405bf3f8358e6314076be9f48c89a2e0ddf00539906291ebdf0c67%40%3Cdev.couchdb.apache.org%3E https://lists.debian.org/debian-lts-announce/2018/01/msg00026.html https://security.gentoo.org/glsa/201711-16 https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbmu03935en& • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2016-8742 – Apache CouchDB 2.0.0 - Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2016-8742
The Windows installer that the Apache CouchDB team provides was vulnerable to local privilege escalation. All files in the install inherit the file permissions of the parent directory and therefore a non-privileged user can substitute any executable for the nssm.exe service launcher, or CouchDB batch or binary files. A subsequent service or server restart will then run that binary with administrator privilege. This issue affected CouchDB 2.0.0 (Windows platform only) and was addressed in CouchDB 2.0.0.1. El instalador de Windows que proporciona el equipo de Apache CouchDB era vulnerable a un escalado de privilegios local. • https://www.exploit-db.com/exploits/40865 http://mail-archives.apache.org/mod_mbox/couchdb-dev/201612.mbox/%3C825F65E1-0E5F-4E1F-8053-CF2C6200C526%40apache.org%3E http://www.securityfocus.com/bid/94766 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.0EPSS: 5%CPEs: 1EXPL: 3CVE-2014-2668 – Apache CouchDB 1.5.0 - 'uuids' Denial of Service
https://notcve.org/view.php?id=CVE-2014-2668
Apache CouchDB 1.5.0 and earlier allows remote attackers to cause a denial of service (CPU and memory consumption) via the count parameter to /_uuids. Apache CouchDB 1.5.0 y anteriores permite a atacantes remotos causar una denegación de servicio (consumo de CPU y memoria) a través del parámetro count hacia /_uuids. • https://www.exploit-db.com/exploits/32519 http://lists.opensuse.org/opensuse-updates/2014-04/msg00039.html http://packetstormsecurity.com/files/125889 http://secunia.com/advisories/57572 http://www.exploit-db.com/exploits/32519 http://www.securityfocus.com/bid/66474 http://www.securitytracker.com/id/1029967 https://exchange.xforce.ibmcloud.com/vulnerabilities/92161 • CWE-20: Improper Input Validation •
CVSS: 6.8EPSS: 8%CPEs: 7EXPL: 0CVE-2012-5649
https://notcve.org/view.php?id=CVE-2012-5649
Apache CouchDB before 1.0.4, 1.1.x before 1.1.2, and 1.2.x before 1.2.1 allows remote attackers to execute arbitrary code via a JSONP callback, related to Adobe Flash. Apache CouchDB anterior a 1.0.4, 1.1.x anterior a 1.1.2 y 1.2.x anterior a 1.2.1 permite a atacantes remotos ejecutar código arbitrario a través de una devolución de llamada JSONP, relacionado con Adobe Flash. • http://archives.neohapsis.com/archives/bugtraq/2013-01/0057.html http://lists.fedoraproject.org/pipermail/package-announce/2013-February/098089.html http://lists.fedoraproject.org/pipermail/package-announce/2013-February/098092.html http://secunia.com/advisories/51765 http://www.mandriva.com/security/advisories?name=MDVSA-2013:067 http://www.securityfocus.com/bid/57314 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 4.3EPSS: 2%CPEs: 7EXPL: 0CVE-2012-5650
https://notcve.org/view.php?id=CVE-2012-5650
Cross-site scripting (XSS) vulnerability in the Futon UI in Apache CouchDB before 1.0.4, 1.1.x before 1.1.2, and 1.2.x before 1.2.1 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters to the browser-based test suite. Una vulnerabilidad de tipo cross-site scripting (XSS) en la UI de Futon en Apache CouchDB anteriores a versión 1.0.4, versiones 1.1.x anteriores a 1.1.2 y versiones 1.2.x anteriores a 1.2.1, permite a los atacantes remotos inyectar script web o HTML arbitrario por medio de parámetros no especificados para el conjunto de pruebas basadas en el navegador. • http://archives.neohapsis.com/archives/bugtraq/2013-01/0056.html http://mail-archives.apache.org/mod_mbox/couchdb-user/201301.mbox/%3C2FFF2FD7-8EAF-4EBF-AFDA-5AEB6EAC853F%40apache.org%3E • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •