PT-2025-31263 · Couchbase · Couchbase Sync Gateway
Published
2025-07-29
·
Updated
2025-07-29
·
CVE-2025-52490
CVSS v3.1
7.3
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L |
Name of the Vulnerable Software and Affected Versions
Couchbase Sync Gateway versions prior to 3.2.6
Description
An issue was discovered where cleartext passwords were present in both redacted and unredacted output within the
sgcollect info options.log and sync gateway.log files.Recommendations
Update to a version newer than 3.2.6.
Fix
Cleartext Transmission of Sensitive Information
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Couchbase Sync Gateway