PT-2025-31263 · Couchbase · Couchbase Sync Gateway

Published

2025-07-29

Updated

2025-07-29

CVE-2025-52490

Report an issue

CVSS v3.1

7.3

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Name of the Vulnerable Software and Affected Versions:

Couchbase Sync Gateway versions prior to 3.2.6

Description:

An issue was discovered where cleartext passwords were present in both redacted and unredacted output within the `sgcollect info options.log` and `sync gateway.log` files.

Recommendations:

Update to a version newer than 3.2.6.

Fix

Cleartext Transmission of Sensitive Information

Weakness Enumeration

CWE-319

Related Identifiers

CVE-2025-52490

Affected Products

Couchbase Sync Gateway

PT-2025-31263 · Couchbase · Couchbase Sync Gateway

Weakness Enumeration

Related Identifiers

Affected Products

References · 7