PT-2025-18309 · Couchbase · Couchbase Server
Published
2025-04-30
·
Updated
2025-06-25
·
CVE-2025-46619
CVSS v3.1
7.6
High
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L |
Name of the Vulnerable Software and Affected Versions
Couchbase Server versions prior to 7.6.4
Couchbase Server version 7.2.7 and earlier for Windows
Description
A security issue has been discovered that could allow unauthorized access to sensitive files, potentially granting access to files such as /etc/passwd or /etc/shadow, depending on the level of privileges.
Recommendations
For Couchbase Server versions prior to 7.6.4, update to version 7.6.4 or later to resolve the issue.
For Couchbase Server version 7.2.7 and earlier for Windows, update to version 7.2.7 or later to resolve the issue.
Fix
Improper Access Control
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Couchbase Server