Vulnerabilities > CVE-2021-31158 - Incorrect Authorization vulnerability in Couchbase Server
Attack vector
NETWORK Attack complexity
LOW Privileges required
LOW Confidentiality impact
HIGH Integrity impact
NONE Availability impact
NONE Summary
In the Query Engine in Couchbase Server 6.5.x and 6.6.x through 6.6.1, Common Table Expression queries were not correctly checking the user's permissions, allowing read-access to resources beyond what those users were explicitly allowed to access.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 6 |