CVE-2025-52490
published 2025-07-29CVE-2025-52490: An issue was discovered in Couchbase Sync Gateway before 3.2.6. In sgcollect_info_options.log and sync_gateway.log, there are cleartext passwords in redacted…
PriorityP338high7.3CVSS 3.1
AVNACLPRNUINSUCLILAL
EPSS
0.18%
7.8th percentile
An issue was discovered in Couchbase Sync Gateway before 3.2.6. In sgcollect_info_options.log and sync_gateway.log, there are cleartext passwords in redacted and unredacted output.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| couchbase | sync_gateway | < 3.2.6 | 3.2.6 |
| github.com | couchbase_sync_gateway | >= 0 < 3.2.6 | 3.2.6 |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-pqhp-4xfc-hjgq: An issue was discovered in Couchbase Sync Gateway before 3
ghsa_unreviewed·2025-07-29
CVE-2025-52490 [HIGH] CWE-319 GHSA-pqhp-4xfc-hjgq: An issue was discovered in Couchbase Sync Gateway before 3
An issue was discovered in Couchbase Sync Gateway before 3.2.6. In sgcollect_info_options.log and sync_gateway.log, there are cleartext passwords in redacted and unredacted output.
GHSA
Couchbase Sync Gateway shows cleartext passwords in redacted and unredacted output
ghsa·2025-07-29
CVE-2025-52490 [HIGH] CWE-319 Couchbase Sync Gateway shows cleartext passwords in redacted and unredacted output
Couchbase Sync Gateway shows cleartext passwords in redacted and unredacted output
An issue was discovered in Couchbase Sync Gateway before 3.2.6. In sgcollect_info_options.log and sync_gateway.log, there are cleartext passwords in redacted and unredacted output.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2025-07-29
Published