FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

couchdb -- administrator privilege escalation

Affected packages
couchdb < 2.2.0,2

Details

VuXML ID 9b19b6df-a4be-11e8-9366-0028f8d09152
Discovery 2018-06-05
Entry 2018-08-08

Apache CouchDB PMC reports:

Database Administrator could achieve privilege escalation to the account that CouchDB runs under, by abusing insufficient validation in the HTTP API, escaping security controls implemented in previous releases.

[source]

References

CVE Name CVE-2018-11769
URL http://docs.couchdb.org/en/stable/cve/2018-11769.html

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.