PT-2023-19866 · Couchbase · Couchbase Server

Published

2023-02-06

Updated

2025-03-25

CVE-2023-25016

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Couchbase Server versions 6.6.6 and earlier, 7.x versions prior to 7.0.5, 7.1.x versions prior to 7.1.2

Description The issue exposes sensitive information to unauthorized actors.

Recommendations For versions 6.6.6 and earlier, update to version 6.6.6 or later. For 7.x versions prior to 7.0.5, update to version 7.0.5 or later. For 7.1.x versions prior to 7.1.2, update to version 7.1.2 or later.

Fix

Cleartext Transmission of Sensitive Information

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-319

Related Identifiers

CVE-2023-25016

Affected Products

Couchbase Server

PT-2023-19866 · Couchbase · Couchbase Server

CVE-2023-25016

Weakness Enumeration

Related Identifiers

Affected Products

References · 7