CVE-2023-50437

CWE-2663 documents3 sources

Severity

8.6HIGH

EPSS

0.3%

top 43.49%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Couchbase Couchbase Server

Timeline

PublishedFeb 29

Description

An issue was discovered in Couchbase Server before 7.2.x before 7.2.4. otpCookie is shown with full admin on pools/default/serverGroups and engageCluster2.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:LExploitability: 3.9 | Impact: 4.7

Affected Packages1 packages

▶NVDcouchbase/couchbase_server2.0.0 — 7.2.4

🔴Vulnerability Details

GHSA

GHSA-mrff-v44r-8gc2: An issue was discovered in Couchbase Server before 7↗2024-02-29

▶

CVEList

CVE-2023-50437: An issue was discovered in Couchbase Server before 7↗2024-02-28

▶