PT-2024-13136 · Couchbase · Couchbase Server
Published
2024-03-26
·
Updated
2024-08-05
·
CVE-2023-43768
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Couchbase Server versions 6.6.x through 7.2.0
Description
An issue was discovered in Couchbase Server where unauthenticated users may cause memcached to run out of memory via large commands.
Recommendations
For Couchbase Server versions 6.6.x through 7.1.4, update to version 7.1.5 or later.
For Couchbase Server versions 7.2.0, update to version 7.2.1 or later.
As a temporary workaround, consider restricting access to memcached to minimize the risk of exploitation.
Fix
Allocation of Resources Without Limits
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Couchbase Server