Security Advisory

CVE-2019-11466

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-09-10 17:02:30

Last updated 2024-08-04 22:55:40

Assigner mitre

State PUBLISHED

Description

In Couchbase Server 6.0.0 and 5.5.0, the eventing service exposes system diagnostic profile via an HTTP endpoint that does not require credentials on a port earmarked for internal traffic only. This has been remedied in version 6.0.1 and now requires valid credentials to access.

← Browse all CVEs View on cve.org ↗