CVSS: 4.9EPSS: 0%CPEs: 2EXPL: 0CVE-2022-32561
https://notcve.org/view.php?id=CVE-2022-32561
14 Jun 2022 — An issue was discovered in Couchbase Server before 6.6.5 and 7.x before 7.0.4. Previous mitigations for CVE-2018-15728 were found to be insufficient when it was discovered that diagnostic endpoints could still be accessed from the network. Se ha detectado un problema en Couchbase Server versiones anteriores a 6.6.5 y versiones 7.x anteriores a 7.0.4. Las mitigaciones anteriores para CVE-2018-15728 resultaron insuficientes cuando ha sido detectado que se podía seguir accediendo a los endpoints de diagnóstico... • https://docs.couchbase.com/server/current/release-notes/relnotes.html •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-32565
https://notcve.org/view.php?id=CVE-2022-32565
13 Jun 2022 — An issue was discovered in Couchbase Server before 7.0.4. The Backup Service log leaks unredacted usernames and document ids. Se ha detectado un problema en Couchbase Server versiones anteriores a 7.0.4. El registro del servicio de copia de seguridad filtra nombres de usuario e identificadores de documentos no redactados • https://docs.couchbase.com/server/current/release-notes/relnotes.html • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-32562
https://notcve.org/view.php?id=CVE-2022-32562
13 Jun 2022 — An issue was discovered in Couchbase Server before 7.0.4. Operations may succeed on a collection using stale RBAC permission. Se ha detectado un problema en Couchbase Server versiones anteriores a 7.0.4. Las operaciones pueden tener éxito en una colección usando un permiso RBAC antiguo • https://docs.couchbase.com/server/current/release-notes/relnotes.html • CWE-276: Incorrect Default Permissions •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-32192
https://notcve.org/view.php?id=CVE-2022-32192
13 Jun 2022 — Couchbase Server 5.x through 7.x before 7.0.4 exposes Sensitive Information to an Unauthorized Actor. Couchbase Server versiones 5.x hasta 7.x anteriores a 7.0.4, expone Información Confidencial a un Actor no Autorizado • https://docs.couchbase.com/server/current/release-notes/relnotes.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-32193
https://notcve.org/view.php?id=CVE-2022-32193
13 Jun 2022 — Couchbase Server 6.6.x through 7.x before 7.0.4 exposes Sensitive Information to an Unauthorized Actor. Couchbase Server versiones 6.6.x hasta 7.x anteriores a 7.0.4, expone información confidencial a un actor no autorizado • https://docs.couchbase.com/server/current/release-notes/relnotes.html • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-32558
https://notcve.org/view.php?id=CVE-2022-32558
13 Jun 2022 — An issue was discovered in Couchbase Server before 7.0.4. Sample bucket loading may leak internal user passwords during a failure. Se ha detectado un problema en Couchbase Server versiones anteriores a 7.0.4. La carga de cubos de muestra puede filtrar las contraseñas de usuarios internos durante un fallo • https://docs.couchbase.com/server/current/release-notes/relnotes.html •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-32560
https://notcve.org/view.php?id=CVE-2022-32560
13 Jun 2022 — An issue was discovered in Couchbase Server before 7.0.4. XDCR lacks role checking when changing internal settings. Se ha detectado un problema en Couchbase Server versiones anteriores a 7.0.4. XDCR carece de comprobación de roles cuando es cambiada la configuración interna • https://docs.couchbase.com/server/current/release-notes/relnotes.html • CWE-862: Missing Authorization •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-32564
https://notcve.org/view.php?id=CVE-2022-32564
13 Jun 2022 — An issue was discovered in Couchbase Server before 7.0.4. In couchbase-cli, server-eshell leaks the Cluster Manager cookie. Se ha detectado un problema en Couchbase Server versiones anteriores a 7.0.4. En couchbase-cli, server-eshell filtra la cookie de Cluster Manager • https://docs.couchbase.com/server/current/release-notes/relnotes.html •
CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0CVE-2021-33504
https://notcve.org/view.php?id=CVE-2021-33504
31 May 2022 — Couchbase Server before 7.1.0 has Incorrect Access Control. Couchbase Server versiones anteriores a 7.1.0, presenta un Control de Acceso Incorrecto • https://docs.couchbase.com/server/current/release-notes/relnotes.html •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2021-42763
https://notcve.org/view.php?id=CVE-2021-42763
02 Nov 2021 — Couchbase Server before 6.6.3 and 7.x before 7.0.2 stores Sensitive Information in Cleartext. The issue occurs when the cluster manager forwards a HTTP request from the pluggable UI (query workbench etc) to the specific service. In the backtrace, the Basic Auth Header included in the HTTP request, has the "@" user credentials of the node processing the UI request. Couchbase Server versiones anteriores a 6.6.3 y 7.x anteriores a 7.0.2, almacena información confidencial en texto sin cifrar. El problema se pro... • https://docs.couchbase.com/server/current/release-notes/relnotes.html • CWE-312: Cleartext Storage of Sensitive Information •