Couchbase Server 6.5.x and 6.6.x through 6.6.2 has Incorrect Access Control. Externally managed users are not prevented from using an empty password, per RFC4513.
| CVE ID | Name | Status | References |
|---|---|---|---|
| CVE-2021-35943 | Couchbase Server 6.5.x and 6.6.x through 6.6.2 has Incorrect Access Control. Externally managed users are not prevented from using an empty password, per RFC4513. |
Assigned (20210629) | MISC:https://docs.couchbase.com/server/current/release-notes/relnotes.html | MISC:https://www.couchbase.com/alerts |
Page created: