PT-2023-14162 · Couchbase · Couchbase Server
Publicado
2023-02-06
·
Atualizado
2025-03-26
·
CVE-2022-42950
CVSS v3.1
4.9
Média
| Vetor | AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Couchbase Server versions 7.0.0 through 7.0.4
Couchbase Server versions 7.1.0 through 7.1.1
Description
An issue was discovered in Couchbase Server where a crafted HTTP REST request from an administrator account to the "Couchbase Server Backup Service" can exhaust memory resources, causing the process to be killed, which can be used for denial of service.
Recommendations
For Couchbase Server versions 7.0.0 through 7.0.4, update to version 7.0.5 or later.
For Couchbase Server versions 7.1.0 through 7.1.1, update to version 7.1.2 or later.
Correção
DoS
Resource Exhaustion
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Couchbase Server