CVE-2023-45725

Name of the Vulnerable Software and Affected Versions Apache CouchDB versions prior to 3.3.3 IBM Cloudant versions prior to 8413

Description Design document functions that receive a user HTTP request object may expose authorization or session cookie headers of the user who accesses the document. These design document functions include list, show, rewrite, and update. An attacker can leak the session component using an HTML-like output, insert the session as an external resource, or store the credential in a local document with an update function. For the attack to succeed, the attacker must be able to insert the design documents into the database and then manipulate a user to access a function from that design document.

Recommendations For Apache CouchDB versions prior to 3.3.3, upgrade to version 3.3.3 or later. For IBM Cloudant versions prior to 8413, upgrade to version 8413 or later. As a temporary workaround, consider avoiding the use of design documents from untrusted sources that may attempt to access or manipulate request object headers. Restrict access to the vulnerable design document functions list, show, rewrite, and update to minimize the risk of exploitation.