Security Advisory

CVE-2021-27924

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-05-19 19:01:24
Last updated 2024-08-03 21:33:17
Assigner mitre
State PUBLISHED

Description

An issue was discovered in Couchbase Server 6.x through 6.6.1. The Couchbase Server UI is insecurely logging session cookies in the logs. This allows for the impersonation of a user if the log files are obtained by an attacker before a session cookie expires.