Exploit for #VU62595 Missing Authentication for Critical Function in CouchDB
Vulnerability identifier: #VU62595
Vulnerability risk: High
CVSSv3.1: 8.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:H/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-306
Exploitation vector: Network
Exploits in database: 6
- November 17, 2022
- November 1, 2022
- Apache Couchdb Erlang RCE [Metasploit]
- September 6, 2022
- CVE-2022-24706-CouchDB-Exploit () [Github]
- May 23, 2022
- May 13, 2022
- Apache CouchDB 3.2.1 - Remote Code Execution (RCE) [Exploit-DB]
- May 11, 2022
- Apache CouchDB 3.2.1 Remote Code Execution [Packet Storm]
Impact: Information disclosure and data manipulation
Vulnerable software:
CouchDB
Server applications /
Database software
Vendor: Apache Foundation
