CVE-2022-32565Log File Information Exposure in Server

CWE-532Log File Information Exposure3 documents3 sources
Severity
7.5HIGHNVD
EPSS
0.5%
top 36.05%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Couchbase Server
Timeline
PublishedJun 13
Latest updateJun 14

Description

An issue was discovered in Couchbase Server before 7.0.4. The Backup Service log leaks unredacted usernames and document ids.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages1 packages

NVDcouchbase/couchbase_server7.0.07.1.0

🔴Vulnerability Details

2
GHSA
GHSA-664p-jcw3-2557: An issue was discovered in Couchbase Server before 72022-06-14
CVEList
CVE-2022-32565: An issue was discovered in Couchbase Server before 72022-06-13
CVE-2022-32565 — Log File Information Exposure | cvebase