CVE-2018-17188 is a vulnerability in Apache Couchdb
Published on January 2, 2019
Prior to CouchDB version 2.3.0, CouchDB allowed for runtime-configuration of key components of the database. In some cases, this lead to vulnerabilities where CouchDB admin users could access the underlying operating system as the CouchDB user. Together with other vulnerabilities, it allowed full system entry for unauthenticated users. Rather than waiting for new vulnerabilities to be discovered, and fixing them as they come up, the CouchDB development team decided to make changes to avoid this entire class of vulnerabilities.
Products Associated with CVE-2018-17188
Want to know whenever a new CVE is published for Apache Couchdb? stack.watch will email you.
Affected Versions
Apache Software Foundation Apache CouchDB Version All is affected by CVE-2018-17188Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.