ID de Prueba:	1.3.6.1.4.1.25623.1.0.148869
Categoría:	Databases
Título:	Apache CouchDB < 3.2.2 Privilege Escalation Vulnerability - Active Check
Resumen:	Apache CouchDB is prone to a privilege escalation; vulnerability.
Descripción:	Summary: Apache CouchDB is prone to a privilege escalation vulnerability. Vulnerability Insight: An attacker can access an improperly secured default installation without authenticating and gain admin privileges. The CouchDB documentation has always made recommendations for properly securing an installation, including recommending using a firewall in front of all CouchDB installations. Affected Software/OS: Apache CouchDB version 3.2.1 and prior. Solution: Update to version 3.2.2 or later. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2022-24706 http://packetstormsecurity.com/files/167032/Apache-CouchDB-3.2.1-Remote-Code-Execution.html http://packetstormsecurity.com/files/169702/Apache-CouchDB-Erlang-Remote-Code-Execution.html https://medium.com/@_sadshade/couchdb-erlang-and-cookies-rce-on-default-settings-b1e9173a4bcd https://docs.couchdb.org/en/3.2.2/setup/cluster.html https://lists.apache.org/thread/w24wo0h8nlctfps65txvk0oc5hdcnv00 http://www.openwall.com/lists/oss-security/2022/04/26/1 http://www.openwall.com/lists/oss-security/2022/05/09/1 http://www.openwall.com/lists/oss-security/2022/05/09/2 http://www.openwall.com/lists/oss-security/2022/05/09/3 http://www.openwall.com/lists/oss-security/2022/05/09/4
Copyright	Copyright (C) 2022 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.