26 Jui 2019
Vulnérabilité CVE-2019-9039 CVE Vulnerability
The Couchbase Sync Gateway 2.1.2 in combination with a Couchbase Server is affected by a previously undisclosed N1QL-injection vulnerability in the REST API. An attacker with access to the public REST API can insert additional N1QL statements through the parameters ?startkey? and ?endkey? of the ?_all_docs? endpoint. (CVSS:7.5) (Last Update:2019-07-01)
Vulnerability Details : The Couchbase Sync Gateway 2.1.2 in combination with a Couchbase Server is affected by a previously undisclosed N1QL-injection vulnerability in the REST API. An attacker with access to the public REST API can insert additional N1QL statements through the parameters ?startkey? and ?endkey? of the ?_all_docs? endpoint. Publish Date : 2019-06-26 Last Update Date : 2019-07-01 - CVSS Scores & Vulnerability Types
- Products Affected By CVE-2019-9039
- Number Of Affected Versions By Product
- References For CVE-2019-9039
| ||||||||||||||||||||||||||||||||||||||||||||||||||||
- Metasploit Modules Related To CVE-2019-9039There are not any metasploit modules related to this CVE entry (Please visit www.metasploit.com for more information) |