CVE-2022-32559
https://notcve.org/view.php?id=CVE-2022-32559
An issue was discovered in Couchbase Server before 7.0.4. Random HTTP requests lead to leaked metrics. Se ha detectado un problema en Couchbase Server versiones anteriores a 7.0.4. Las peticiones HTTP aleatorias conllevan a una filtración de métricas • https://docs.couchbase.com/server/current/release-notes/relnotes.html https://forums.couchbase.com/tags/security https://www.couchbase.com/alerts • CWE-770: Allocation of Resources Without Limits or Throttling •
CVE-2022-32557
https://notcve.org/view.php?id=CVE-2022-32557
An issue was discovered in Couchbase Server before 7.0.4. The Index Service does not enforce authentication for TCP/TLS servers. Se ha detectado un problema en Couchbase Server versiones anteriores a 7.0.4. El servicio de índices no aplica la autenticación para los servidores TCP/TLS • https://docs.couchbase.com/server/current/release-notes/relnotes.html https://forums.couchbase.com/tags/security https://www.couchbase.com/alerts • CWE-306: Missing Authentication for Critical Function •
CVE-2022-32561
https://notcve.org/view.php?id=CVE-2022-32561
An issue was discovered in Couchbase Server before 6.6.5 and 7.x before 7.0.4. Previous mitigations for CVE-2018-15728 were found to be insufficient when it was discovered that diagnostic endpoints could still be accessed from the network. Se ha detectado un problema en Couchbase Server versiones anteriores a 6.6.5 y versiones 7.x anteriores a 7.0.4. Las mitigaciones anteriores para CVE-2018-15728 resultaron insuficientes cuando ha sido detectado que se podía seguir accediendo a los endpoints de diagnóstico desde la red • https://docs.couchbase.com/server/current/release-notes/relnotes.html https://forums.couchbase.com/tags/security https://www.couchbase.com/alerts •
CVE-2022-32565
https://notcve.org/view.php?id=CVE-2022-32565
An issue was discovered in Couchbase Server before 7.0.4. The Backup Service log leaks unredacted usernames and document ids. Se ha detectado un problema en Couchbase Server versiones anteriores a 7.0.4. El registro del servicio de copia de seguridad filtra nombres de usuario e identificadores de documentos no redactados • https://docs.couchbase.com/server/current/release-notes/relnotes.html https://forums.couchbase.com/tags/security https://www.couchbase.com/alerts • CWE-532: Insertion of Sensitive Information into Log File •
CVE-2022-32562
https://notcve.org/view.php?id=CVE-2022-32562
An issue was discovered in Couchbase Server before 7.0.4. Operations may succeed on a collection using stale RBAC permission. Se ha detectado un problema en Couchbase Server versiones anteriores a 7.0.4. Las operaciones pueden tener éxito en una colección usando un permiso RBAC antiguo • https://docs.couchbase.com/server/current/release-notes/relnotes.html https://forums.couchbase.com/tags/security https://www.couchbase.com/alerts • CWE-276: Incorrect Default Permissions •