An issue was discovered in Couchbase Server 5.x and 6.x through 6.6.1 and 7.0.0 Beta. Incorrect commands to the REST API can result in leaked authentication information being stored in cleartext in the debug.log and info.log files, and is also shown in the UI visible to administrators.
References
Link | Resource |
---|---|
https://www.couchbase.com/downloads | Product Vendor Advisory |
https://www.couchbase.com/resources/security#SecurityAlerts | Vendor Advisory |
https://www.couchbase.com/downloads | Product Vendor Advisory |
https://www.couchbase.com/resources/security#SecurityAlerts | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 05:55
Type | Values Removed | Values Added |
---|---|---|
References | () https://www.couchbase.com/downloads - Product, Vendor Advisory | |
References | () https://www.couchbase.com/resources/security#SecurityAlerts - Vendor Advisory |
Information
Published : 2021-05-19 19:15
Updated : 2024-11-21 05:55
NVD link : CVE-2021-25644
Mitre link : CVE-2021-25644
CVE.ORG link : CVE-2021-25644
JSON object : View
Products Affected
couchbase
- couchbase_server
CWE
CWE-312
Cleartext Storage of Sensitive Information