Page 4 of 35 results (0.010 seconds)

CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0

Couchbase Server 6.5.x, 6.6.x through 6.6.2, and 7.0.0 has a Buffer Overflow. A specially crafted network packet sent from an attacker can crash memcached. Couchbase Server versiones 6.5.x, 6.6.x hasta 6.6.2, y 7.0.0, presenta un desbordamiento del búfer. Un paquete de red especialmente diseñado enviado por un atacante puede bloquear memcached • https://docs.couchbase.com/server/current/release-notes/relnotes.html https://www.couchbase.com/alerts • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0

Couchbase Server 6.5.x and 6.6.x through 6.6.2 has Incorrect Access Control. Externally managed users are not prevented from using an empty password, per RFC4513. Couchbase Server versiones 6.5.x y 6.6.x hasta 6.6.2, presenta un Control de Acceso Incorrecto. No se impide a usuarios administrados externamente usar una contraseña vacía, según RFC4513 • https://docs.couchbase.com/server/current/release-notes/relnotes.html https://www.couchbase.com/alerts • CWE-287: Improper Authentication •

CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0

Couchbase Server 6.5.x, 6.6.0 through 6.6.2, and 7.0.0, has a Buffer Overflow. A specially crafted network packet sent from an attacker can crash memcached. Couchbase Server versiones 6.5.x, 6.6.0 hasta 6.6.2, y 7.0.0, presenta un desbordamiento del búfer. Un paquete de red especialmente diseñado enviado por un atacante puede bloquear memcached • https://docs.couchbase.com/server/current/release-notes/relnotes.html https://www.couchbase.com/alerts • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVSS: 4.9EPSS: 0%CPEs: 2EXPL: 0

An issue was discovered in Couchbase Server 5.x and 6.x before 6.5.2 and 6.6.x before 6.6.2. Internal users with administrator privileges, @cbq-engine-cbauth and @index-cbauth, leak credentials in cleartext in the indexer.log file when they make a /listCreateTokens, /listRebalanceTokens, or /listMetadataTokens call. Se detectó un problema en Couchbase Server versiones 5.x y versiones 6.x anteriores a 6.5.2 y versiones 6.6.x anteriores a 6.6.2. Los usuarios internos con privilegios de administrador, @cbq-engine-cbauth y @index-cbauth, filtran credenciales en texto sin cifrar del archivo indexer.log cuando realizan una llamada /listCreateTokens, /listRebalanceTokens o /listMetadataTokens • https://www.couchbase.com/resources/security#SecurityAlerts • CWE-319: Cleartext Transmission of Sensitive Information •

CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0

An issue was discovered in Couchbase Server 6.x through 6.6.1. The Couchbase Server UI is insecurely logging session cookies in the logs. This allows for the impersonation of a user if the log files are obtained by an attacker before a session cookie expires. Se detectó un problema en Couchbase Server versiones 6.x hasta 6.6.1. La Interfaz de Usuario de Couchbase Server está registrando cookies de sesión de forma no segura en los registros. • https://www.couchbase.com/downloads https://www.couchbase.com/resources/security#SecurityAlerts • CWE-319: Cleartext Transmission of Sensitive Information •