Lucene search
China National Vulnerability DatabaseCNVD-2021-103658HistoryOct 15, 2021 - 12:00 a.m.
Apache CouchDB permission permission and access control issues vulnerability
2021-10-1500:00:00
China National Vulnerability Database
www.cnvd.org.cn
15
apache
couchdb
permission
access control
vulnerability
database
security restrictions
remote authenticated user
html attachments
administrator
browser
cnvd
erlang
EPSS
0
Percentile
5.1%
Apache CouchDB is a document-oriented database system developed by the Apache Foundation using Erlang.Apache CouchDB is vulnerable to a permission and access control issue that arises when an application fails to properly impose security restrictions and a remote authenticated user with permission to create documents in the database attaches HTML attachments to documents. If a CouchDB administrator opens such an attachment, the HTML code is executed in the administrator’s browser. No details of the vulnerability are currently available.
Related
mageia
mageia
Updated couchdb packages fix security vulnerability
2021-11-25 16:06:13
nvd
nvd
CVE-2021-38295
2021-10-14 20:15:09
githubexploit
githubexploit
Exploit for Cross-site Scripting in Apache Couchdb
2021-10-14 15:45:21
prion
prion
Privilege escalation
2021-10-14 20:15:00
openvas
openvas
Apache CouchDB <= 3.1.1 Privilege Escalation Vulnerability - Linux
2021-10-18 00:00:00
Apache CouchDB <= 3.1.1 Privilege Escalation Vulnerability - Windows
2021-10-18 00:00:00
Mageia: Security Advisory (MGASA-2021-0520)
2022-01-28 00:00:00
osv
osv
BIT-couchdb-2021-38295
2024-03-06 10:51:34
CVE-2021-38295
2021-10-14 20:15:09
nessus
nessus
Apache CouchDB < 3.1.2 Privilege Escalation
2023-09-29 00:00:00
cve
cve
CVE-2021-38295
2021-10-14 20:15:09
redhatcve
redhatcve
CVE-2021-38295
2021-11-29 06:26:42
cvelist
cvelist
ubuntucve
ubuntucve
CVE-2021-38295
2021-10-14 00:00:00
