Exploit for #VU62595 Missing Authentication for Critical Function in CouchDB
Vulnerability identifier: #VU62595
Vulnerability risk: High
CVSSv4.0: 9.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:A/U:Amber]
CVE-ID: CVE-2022-24706
CWE-ID:
CWE-306
Exploitation vector: Network
Exploits in database: 6
- November 17, 2022
- November 1, 2022
- Apache Couchdb Erlang RCE [Metasploit]
- September 6, 2022
- CVE-2022-24706-CouchDB-Exploit () [Github]
- May 23, 2022
- May 13, 2022
- Apache CouchDB 3.2.1 - Remote Code Execution (RCE) [Exploit-DB]
- May 11, 2022
- Apache CouchDB 3.2.1 Remote Code Execution [Packet Storm]
Vulnerable software:
CouchDB
Server applications /
Database software
Vendor: Apache Foundation
