CVE-2023-45875 – couchbase

Package

Manager: pip
Name: couchbase
Vulnerable Version: =0.10 || =0.11 || =0.11.1 || =0.7.0 || =0.7.1.post1 || =0.7.2 || =0.8.0 || =0.8.1 || =0.8.2 || =0.9 || =1.0.0 || =1.1.0 || =1.2.0 || =1.2.1 || =1.2.2 || =1.2.3 || =1.2.4 || =1.2.5 || =2.0.0 || =2.0.1 || =2.0.2 || =2.0.3 || =2.0.4 || =2.0.5 || =2.0.6 || =2.0.7 || =2.0.8 || =2.0.9 || =2.1.0 || =2.1.1 || =2.1.2 || =2.1.3 || =2.2.0 || =2.2.1 || =2.2.2 || =2.2.3 || =2.2.4 || =2.2.5 || =2.2.6 || =2.3.0 || =2.3.1 || =2.3.2 || =2.3.3 || =2.3.4 || =2.3.5 || =2.4.0 || =2.4.0a1 || =2.4.0a2 || =2.4.0b0 || =2.4.0b2 || =2.4.1 || =2.4.2 || =2.5.0 || =2.5.1 || =2.5.10 || =2.5.11 || =2.5.12 || =2.5.2 || =2.5.3 || =2.5.4 || =2.5.5 || =2.5.6 || =2.5.7 || =2.5.8 || =2.5.9 || =3.0.0 || =3.0.0a2 || =3.0.0a3 || =3.0.0a4 || =3.0.0a5 || =3.0.0a6 || =3.0.0b1 || =3.0.0b2 || =3.0.0b3 || =3.0.1 || =3.0.10 || =3.0.2 || =3.0.2b1 || =3.0.2b2 || =3.0.2b4 || =3.0.2b5 || =3.0.2b6 || =3.0.2b7 || =3.0.2b9 || =3.0.3 || =3.0.3b20 || =3.0.4 || =3.0.4b1 || =3.0.5 || =3.0.6 || =3.0.7 || =3.0.8 || =3.0.9 || =3.1.0 || =3.1.1 || =3.1.2 || =3.1.3 || =3.2.0 || =3.2.1 || =3.2.2 || =3.2.3 || =3.2.4 || =3.2.5 || =3.2.5.dev1 || =3.2.5rc1 || =3.2.6 || =3.2.7 || =4.0.0 || =4.0.0rc1 || =4.0.1 || =4.0.2 || =4.0.3 || =4.0.4 || =4.0.5 || =4.1.0 || =4.1.1 || =4.1.2 || =4.1.2rc2 || =4.1.3 || =4.1.4 || =4.1.5 || =4.1.6 || =4.1.6rc2 || =4.1.7 || =4.1.7rc1 || =4.1.8 || =4.1.8rc1 || =4.1.9 || =4.1.9rc1 || =4.1.10rc1 || =4.1.10

Severity

Level: High

CVSS v3.1: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

EPSS: 0.00356 pctl0.57096

Details

An issue was discovered in Couchbase Server 7.2.0. There is a private key leak in debug.log while adding a pre-7.0 node to a 7.2 cluster.

Metadata

Created: 2023-11-08T21:15:00Z
Modified: 2024-01-03T21:03:33.010228Z
Source: https://osv-vulnerabilities
CWE IDs: N/A
Alternative ID: N/A
Finding: F038
Auto approve: 1