Test ID:	1.3.6.1.4.1.25623.1.0.148036
Category:	Databases
Title:	Apache CouchDB < 3.2.2 Privilege Escalation Vulnerability - Windows - Version Check
Summary:	Apache CouchDB is prone to a privilege escalation; vulnerability.
Description:	Summary: Apache CouchDB is prone to a privilege escalation vulnerability. Vulnerability Insight: An attacker can access an improperly secured default installation without authenticating and gain admin privileges. The CouchDB documentation has always made recommendations for properly securing an installation, including recommending using a firewall in front of all CouchDB installations. Affected Software/OS: Apache CouchDB version 3.2.1 and prior. Solution: Update to version 3.2.2 or later. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2022-24706 http://packetstormsecurity.com/files/167032/Apache-CouchDB-3.2.1-Remote-Code-Execution.html http://packetstormsecurity.com/files/169702/Apache-CouchDB-Erlang-Remote-Code-Execution.html https://medium.com/@_sadshade/couchdb-erlang-and-cookies-rce-on-default-settings-b1e9173a4bcd https://docs.couchdb.org/en/3.2.2/setup/cluster.html https://lists.apache.org/thread/w24wo0h8nlctfps65txvk0oc5hdcnv00 http://www.openwall.com/lists/oss-security/2022/04/26/1 http://www.openwall.com/lists/oss-security/2022/05/09/1 http://www.openwall.com/lists/oss-security/2022/05/09/2 http://www.openwall.com/lists/oss-security/2022/05/09/3 http://www.openwall.com/lists/oss-security/2022/05/09/4
Copyright	Copyright (C) 2022 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.