Vulnerability CVE-2019-11495


Published: 2019-09-10

Description:
Couchbase Server 5.1.1 generates insufficiently random numbers. The product hosts many network services by default. One of those services is an epmd service, which allows for node integration between Erlang instances. This service is protected by a single 16-character password. Unfortunately, this password is not generated securely due to an insufficient random seed, and can be reasonably brute-forced by an attacker to execute code against a remote system.

Type:

CWE-94

(Improper Control of Generation of Code ('Code Injection'))

Vendor: Couchbase
Product: Couchbase server 
Version: 5.1.1;

CVSS2 => (AV:N/AC:L/Au:N/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.5/10
6.4/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial

 References:
https://www.couchbase.com/resources/security#SecurityAlerts

Related CVE
CVE-2019-11497
An issue was discovered in Couchbase Server 5.0.0. When creating a new remote cluster reference in Couchbase for XDCR, an invalid certificate is accepted. (The correct behavior is to validate the certificate against the remote cluster.)
CVE-2019-11496
An issue was discovered in Couchbase Server 5.0.0. Editing bucket settings resets credentials, and leads to authorization without credentials.
CVE-2019-11467
An issue was discovered in Couchbase Server 4.6.3 and 5.5.0. A JSON document to be stored with more than 3000 '\t' characters can crash the indexing system.
CVE-2019-11466
An issue was discovered in Couchbase Server 5.5.0 and 6.0.0. The Eventing debug endpoint mishandles authentication and audit.
CVE-2019-11465
An issue was discovered in Couchbase Server 5.5.x through 5.5.3 and 6.0.0. The Memcached "connections" stat block command emits a non-redacted username. The system information submitted to Couchbase as part of a bug report included the usernames for ...
CVE-2019-11464
An issue was discovered in Couchbase Server 5.1.2 and 5.5.0. The http server on port 8092 lacks an X-XSS protection header.
CVE-2019-9039
The Couchbase Sync Gateway 2.1.2 in combination with a Couchbase Server is affected by a previously undisclosed N1QL-injection vulnerability in the REST API. An attacker with access to the public REST API can insert additional N1QL statements through...
CVE-2018-15728
An issue was discovered in Couchbase Server. Authenticated users can send arbitrary Erlang code to the 'diag/eval' endpoint of the REST API (available by default on TCP/8091 and/or TCP/18091). The executed code in the underlying operating system will...

Copyright 2019, cxsecurity.com

 

Back to Top