Known Vulnerabilities for Couchbase Server by Couchbase
Listed below are 10 of the newest known vulnerabilities associated with "Couchbase Server" by "Couchbase".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-45875 json | An issue was discovered in Couchbase Server 7.2.0. There is a private key leak in debug.log while adding a pre-7.0 node to a ... | 7.5 - HIGH | 2023-11-08 | 2023-11-16 |
| CVE-2023-36667 json | Couchbase Server 7.1.4 before 7.1.5 and 7.2.0 before 7.2.1 allows Directory Traversal. | 7.5 - HIGH | 2023-11-08 | 2023-11-15 |
| CVE-2023-28470 json | In Couchbase Server 5 through 7 before 7.1.4, the nsstats endpoint is accessible without authentication. | 5.3 - MEDIUM | 2023-03-23 | 2023-03-28 |
| CVE-2023-25016 json | Couchbase Server before 6.6.6, 7.x before 7.0.5, and 7.1.x before 7.1.2 exposes Sensitive Information to an Unauthorized Acto... | 7.5 - HIGH | 2023-02-06 | 2023-02-14 |
| CVE-2022-42951 json | An issue was discovered in Couchbase Server 6.5.x and 6.6.x before 6.6.6, 7.x before 7.0.5, and 7.1.x before 7.1.2. During th... | 8.1 - HIGH | 2023-02-06 | 2023-08-08 |
| CVE-2022-42950 json | An issue was discovered in Couchbase Server 7.x before 7.0.5 and 7.1.x before 7.1.2. A crafted HTTP REST request from an admi... | 4.9 - MEDIUM | 2023-02-06 | 2023-02-15 |
| CVE-2022-34826 json | In Couchbase Server 7.1.x before 7.1.1, an encrypted Private Key passphrase may be leaked in the logs. | 5.9 - MEDIUM | 2022-07-15 | 2023-08-08 |
| CVE-2022-33911 json | An issue was discovered in Couchbase Server 7.x before 7.0.4. Field names are not redacted in logged validation messages for ... | 5.3 - MEDIUM | 2022-07-12 | 2022-07-18 |
| CVE-2022-33173 json | An algorithm-downgrade issue was discovered in Couchbase Server before 7.0.4. Analytics Remote Links may temporarily downgrad... | 7.5 - HIGH | 2022-07-12 | 2022-07-20 |
| CVE-2022-32565 json | An issue was discovered in Couchbase Server before 7.0.4. The Backup Service log leaks unredacted usernames and document ids. | 7.5 - HIGH | 2022-06-13 | 2022-06-22 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Couchbase | Couchbase Server | 6.6.0 | |||
| Application | Couchbase | Couchbase Server | 6.5.1 | |||
| Application | Couchbase | Couchbase Server | 6.5.0 | |||
| Application | Couchbase | Couchbase Server | 6.0.4 | |||
| Application | Couchbase | Couchbase Server | 6.0.3 | |||
| Application | Couchbase | Couchbase Server | 6.0.2 | |||
| Application | Couchbase | Couchbase Server | 6.0.1 | |||
| Application | Couchbase | Couchbase Server | 6.0.0 | |||
| Application | Couchbase | Couchbase Server | 6.0 | |||
| Application | Couchbase | Couchbase Server | 5.5.5 | |||
| Application | Couchbase | Couchbase Server | 5.5.4 | |||
| Application | Couchbase | Couchbase Server | 5.5.3 | |||
| Application | Couchbase | Couchbase Server | 5.5.2 | |||
| Application | Couchbase | Couchbase Server | 5.5.1 | |||
| Application | Couchbase | Couchbase Server | 5.5.0 | |||
| Application | Couchbase | Couchbase Server | 5.1.2 | |||
| Application | Couchbase | Couchbase Server | 5.1.1 | |||
| Application | Couchbase | Couchbase Server | 5.0.1 | |||
| Application | Couchbase | Couchbase Server | 5.0.0 | |||
| Application | Couchbase | Couchbase Server | 4.6.5 |