Page 3 of 34 results (0.032 seconds)

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

An algorithm-downgrade issue was discovered in Couchbase Server before 7.0.4. Analytics Remote Links may temporarily downgrade to non-TLS connection to determine the TLS port number, using SCRAM-SHA instead. Se ha detectado un problema de degradación de algoritmos en Couchbase Server versiones anteriores a 7.0.4. Analytics Remote Links puede degradar temporalmente a una conexión no TLS para determinar el número de puerto TLS, usando SCRAM-SHA en su lugar • https://docs.couchbase.com/server/current/release-notes/relnotes.html https://forums.couchbase.com/tags/security https://www.couchbase.com/alerts •

CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0

An issue was discovered in Couchbase Server before 7.0.4. Random HTTP requests lead to leaked metrics. Se ha detectado un problema en Couchbase Server versiones anteriores a 7.0.4. Las peticiones HTTP aleatorias conllevan a una filtración de métricas • https://docs.couchbase.com/server/current/release-notes/relnotes.html https://forums.couchbase.com/tags/security https://www.couchbase.com/alerts • CWE-770: Allocation of Resources Without Limits or Throttling •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

An issue was discovered in Couchbase Server before 7.0.4. The Index Service does not enforce authentication for TCP/TLS servers. Se ha detectado un problema en Couchbase Server versiones anteriores a 7.0.4. El servicio de índices no aplica la autenticación para los servidores TCP/TLS • https://docs.couchbase.com/server/current/release-notes/relnotes.html https://forums.couchbase.com/tags/security https://www.couchbase.com/alerts • CWE-306: Missing Authentication for Critical Function •

CVSS: 4.9EPSS: 0%CPEs: 2EXPL: 0

An issue was discovered in Couchbase Server before 6.6.5 and 7.x before 7.0.4. Previous mitigations for CVE-2018-15728 were found to be insufficient when it was discovered that diagnostic endpoints could still be accessed from the network. Se ha detectado un problema en Couchbase Server versiones anteriores a 6.6.5 y versiones 7.x anteriores a 7.0.4. Las mitigaciones anteriores para CVE-2018-15728 resultaron insuficientes cuando ha sido detectado que se podía seguir accediendo a los endpoints de diagnóstico desde la red • https://docs.couchbase.com/server/current/release-notes/relnotes.html https://forums.couchbase.com/tags/security https://www.couchbase.com/alerts •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

An issue was discovered in Couchbase Server before 7.0.4. The Backup Service log leaks unredacted usernames and document ids. Se ha detectado un problema en Couchbase Server versiones anteriores a 7.0.4. El registro del servicio de copia de seguridad filtra nombres de usuario e identificadores de documentos no redactados • https://docs.couchbase.com/server/current/release-notes/relnotes.html https://forums.couchbase.com/tags/security https://www.couchbase.com/alerts • CWE-532: Insertion of Sensitive Information into Log File •