CVE-2021-38295
published 2021-10-14CVE-2021-38295: In Apache CouchDB, a malicious user with permission to create documents in a database is able to attach a HTML attachment to a document. If a CouchDB admin…
high7.3CVSS 3.1
AVLACLPRLUIRSUCHIHAH
In Apache CouchDB, a malicious user with permission to create documents in a database is able to attach a HTML attachment to a document. If a CouchDB admin opens that attachment in a browser, e.g. via the CouchDB admin interface Fauxton, any JavaScript code embedded in that HTML attachment will be executed within the security context of that admin. A similar route is available with the already deprecated _show and _list functionality. This privilege escalation vulnerability allows an attacker to add or remove data in any database or make configuration changes. This issue affected Apache CouchDB prior to 3.1.2
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apache | couchdb | < 3.1.2 | 3.1.2 |
| apache_software_foundation | apache_couchdb | >= Apache CouchDB < 3.1.2 | 3.1.2 |
| apache_software_foundation | ibm_cloudant | >= IBM Cloudant < 8201 | 8201 |
CVSS provenance
nvdv3.17.3HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
osv7.3HIGH