PT-2018-18377 · Apache · Apache CouchDB

Author: Francesco Oddo · Published: 2018-07-11 · Updated: 2019-05-13 · CVE-2018-8007

CVSS v2.0: 9.0 (High)
Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions: Apache CouchDB versions prior to 1.7.2; Apache CouchDB versions prior to 2.1.2
Description: The issue allows an existing CouchDB administrator user to escalate their privileges to those of the operating-system user that CouchDB runs under. The cause is insufficient validation of administrator-supplied configuration settings sent through the HTTP API, which makes it possible to bypass the blacklist of configuration settings that must not be modifiable via the HTTP API. As a result, an existing CouchDB admin user can gain arbitrary remote code execution on the host.
Recommendations: For Apache CouchDB versions prior to 1.7.2, upgrade to release 1.7.2. For Apache CouchDB versions prior to 2.1.2, upgrade to release 2.1.2.

Tags: Exploit · Fix · RCE


Weakness Enumeration

Related Identifiers

CVE-2018-8007
SUSE-SU-2018:2578-1
SUSE-SU-2018:2765-1

Affected Products

Apache CouchDB