CVE-2017-12636
N/A
N/A
Summary
CouchDB administrative users can configure the database server via HTTP(S). Some of the configuration options include paths for operating system-level binaries that are subsequently launched by CouchDB. This allows an admin user in Apache CouchDB before 1.7.0 and 2.x before 2.1.1 to execute arbitrary shell commands as the CouchDB user, including downloading and executing scripts from the public internet.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Apache Software Foundation | Apache CouchDB | 1.2.0 to 1.6.1 | affected |
| Apache Software Foundation | Apache CouchDB | 2.0.0 to 2.1.0 | affected |
Weaknesses
- Information Disclosure
ADP Enrichment
CVE Program Container
Additional References
- https://www.exploit-db.com/exploits/45019/
- https://lists.apache.org/thread.html/6c405bf3f8358e6314076be9f48c89a2e0ddf00539906291ebdf0c67%40%3Cdev.couchdb.apache.org%3E
- https://www.exploit-db.com/exploits/44913/
- https://security.gentoo.org/glsa/201711-16
- https://lists.debian.org/debian-lts-announce/2018/01/msg00026.html
- https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbmu03935en_us
References
- https://www.exploit-db.com/exploits/45019/
- https://lists.apache.org/thread.html/6c405bf3f8358e6314076be9f48c89a2e0ddf00539906291ebdf0c67%40%3Cdev.couchdb.apache.org%3E
- https://www.exploit-db.com/exploits/44913/
- https://security.gentoo.org/glsa/201711-16
- https://lists.debian.org/debian-lts-announce/2018/01/msg00026.html
- https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbmu03935en_us
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.