Shodan
Vulnerabilities
Vulnerable Software
Couchbase:  >> Couchbase Server  >> 6.6.2  Security Vulnerabilities
CVE-2022-33911
An issue was discovered in Couchbase Server 7.x before 7.0.4. Field names are not redacted in logged validation messages for Analytics Service. An Unauthorized Actor may be able to obtain Sensitive Information.
CVSS Score
5.3
EPSS Score
0.005
Published
2022-07-12
CVE-2022-33173
An algorithm-downgrade issue was discovered in Couchbase Server before 7.0.4. Analytics Remote Links may temporarily downgrade to non-TLS connection to determine the TLS port number, using SCRAM-SHA instead.
CVSS Score
7.5
EPSS Score
0.005
Published
2022-07-12
CVE-2022-32557
An issue was discovered in Couchbase Server before 7.0.4. The Index Service does not enforce authentication for TCP/TLS servers.
CVSS Score
7.5
EPSS Score
0.004
Published
2022-06-14
CVE-2022-32559
An issue was discovered in Couchbase Server before 7.0.4. Random HTTP requests lead to leaked metrics.
CVSS Score
9.1
EPSS Score
0.007
Published
2022-06-14
CVE-2022-32561
An issue was discovered in Couchbase Server before 6.6.5 and 7.x before 7.0.4. Previous mitigations for CVE-2018-15728 were found to be insufficient when it was discovered that diagnostic endpoints could still be accessed from the network.
CVSS Score
4.9
EPSS Score
0.004
Published
2022-06-14
CVE-2022-32192
Couchbase Server 5.x through 7.x before 7.0.4 exposes Sensitive Information to an Unauthorized Actor.
CVSS Score
7.5
EPSS Score
0.003
Published
2022-06-13
CVE-2022-32560
An issue was discovered in Couchbase Server before 7.0.4. XDCR lacks role checking when changing internal settings.
CVSS Score
7.5
EPSS Score
0.003
Published
2022-06-13
CVE-2022-32564
An issue was discovered in Couchbase Server before 7.0.4. In couchbase-cli, server-eshell leaks the Cluster Manager cookie.
CVSS Score
7.5
EPSS Score
0.005
Published
2022-06-13
CVE-2022-32193
Couchbase Server 6.6.x through 7.x before 7.0.4 exposes Sensitive Information to an Unauthorized Actor.
CVSS Score
6.5
EPSS Score
0.004
Published
2022-06-13
CVE-2022-32558
An issue was discovered in Couchbase Server before 7.0.4. Sample bucket loading may leak internal user passwords during a failure.
CVSS Score
7.5
EPSS Score
0.005
Published
2022-06-13


Products
Pricing
Contact Us

Shodan ® - All rights reserved