JS Env Collision in Apache CouchDB Design Docs (<3.2.3/3.3.2)
CVE-2023-26268 Published on May 2, 2023
Apache CouchDB, IBM Cloudant: Information sharing via couchjs processes
Design documents with matching document IDs, from databases on the same cluster, may share a mutable JavaScript environment when using these design document functions:
* validate_doc_update
* list
* filter
* filter views (using view functions as filters)
* rewrite
* update
This doesn't affect map/reduce or search (Dreyfus) index functions.
Users are recommended to upgrade to a version that is no longer affected by this issue (Apache CouchDB 3.3.2 or 3.2.3).
Workaround: Avoid using design documents from untrusted sources which may attempt to cache or store data in the JavaScript environment.
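To check a cluster for the condition described above, the following added example (not part of the advisory or of CouchDB itself) audits an offline inventory of design documents for IDs that recur across databases while defining one of the affected function types, and tests a version string against the fixed releases. The inventory shape, the function names and the sample data are assumptions made for illustration; `lists`, `filters`, `rewrites`, `updates` and `views` are the design document fields that hold the function types listed above.

```javascript
// Design document fields that hold the function types listed in the advisory.
const AFFECTED_FIELDS = ["validate_doc_update", "lists", "filters", "rewrites", "updates"];

// True when a CouchDB version predates the fixed releases (3.2.3 and 3.3.2).
function isAffectedVersion(version) {
  const [maj = 0, min = 0, patch = 0] = version.split(".").map((n) => parseInt(n, 10) || 0);
  if (maj !== 3) return maj < 3;
  if (min === 2) return patch < 3;
  if (min === 3) return patch < 2;
  return min < 2;
}

function nonEmpty(v) {
  if (v == null) return false;
  if (typeof v === "string" || Array.isArray(v)) return v.length > 0;
  return typeof v === "object" && Object.keys(v).length > 0;
}

// Views count only because a view function can be used as a filter;
// as map/reduce index functions they are not affected.
function affectedFunctions(ddoc) {
  const found = AFFECTED_FIELDS.filter((field) => nonEmpty(ddoc[field]));
  if (nonEmpty(ddoc.views)) found.push("views (when used as filters)");
  return found;
}

// inventory: { databaseName: [designDoc, ...] } (assumed shape, exported offline).
// Reports each design document ID found in two or more databases with affected functions.
function findCollisions(inventory) {
  const byId = new Map();
  for (const [db, ddocs] of Object.entries(inventory)) {
    for (const ddoc of ddocs) {
      const functions = affectedFunctions(ddoc);
      if (functions.length === 0) continue;
      if (!byId.has(ddoc._id)) byId.set(ddoc._id, []);
      byId.get(ddoc._id).push({ db, functions });
    }
  }
  return [...byId].filter(([, uses]) => uses.length > 1).map(([id, uses]) => ({ id, uses }));
}

// Constructed sample inventory (database names and functions are illustrative).
const SAMPLE = {
  tenant_a: [{ _id: "_design/app", validate_doc_update: "function (newDoc, oldDoc, userCtx) {}" }],
  tenant_b: [{ _id: "_design/app", filters: { mine: "function (doc, req) { return true; }" } }],
  tenant_c: [{ _id: "_design/reports", updates: { touch: "function (doc, req) { return [doc, 'ok']; }" } }],
};
console.log(JSON.stringify(findCollisions(SAMPLE), null, 2));
```

A finding on an affected version means the listed databases' design documents should be reviewed for trust before relying on them, or the cluster upgraded.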
Vulnerability Analysis
CVE-2023-26268 is exploitable with network access, and requires user interaction and a small amount of user privileges. This vulnerability is considered to have a high level of attack complexity. An exploit of this vulnerability is considered to have a small impact on confidentiality and integrity, and no impact on availability.
Weakness Type
What is an Information Disclosure Vulnerability?
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
CVE-2023-26268 has been classified as an Information Disclosure vulnerability or weakness.
Products Associated with CVE-2023-26268
* Apache CouchDB
* IBM Cloudant
Affected Versions
Apache Software Foundation Apache CouchDB:
- Before and including 3.3.1 is affected.
- Before and including 8349 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.