SB2019091047 - Multiple vulnerabilities in Couchbase Server

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2019091047

SB2019091047 - Multiple vulnerabilities in Couchbase Server

Published: September 10, 2019 Updated: August 8, 2020

Security Bulletin ID SB2019091047
Severity
Medium
Patch available
YES
Number of vulnerabilities 2
Exploitation vector Remote access
Highest impact Denial of service

Breakdown by Severity

Medium 50% Low 50%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 2 secuirty vulnerabilities.


1) Resource exhaustion (CVE-ID: CVE-2019-11467)

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

In Couchbase Server 4.6.3 and 5.5.0, secondary indexing encodes the entries to be indexed using collatejson. When index entries contain certain characters like , <, >, it caused buffer overrun as encoded string would be much larger than accounted for, causing indexer service to crash and restart. This has been remedied in versions 5.1.2 and 5.5.2 to ensure buffer always grows as needed for any input.


2) Cross-site scripting (CVE-ID: CVE-2019-11464)

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

Some enterprises require that REST API endpoints include security-related headers in REST responses. Headers such as X-Frame-Options and X-Content-Type-Options are generally advisable, however some information security professionals additionally look for X-Permitted-Cross-Domain-Policies and X-XSS-Protection, which are more generally applicable to HTML endpoint, to be included too. These headers were not included in Couchbase Server 5.5.0 and 5.1.2 . They are now included in version 6.0.2 in responses from the Couchbase Server Views REST API (port 8092).


Remediation

Install update from vendor's website.

References