In the Query Engine in Couchbase Server 6.5.x and 6.6.x through 6.6.1, Common Table Expression queries were not correctly checking the user's permissions, allowing read-access to resources beyond what those users were explicitly allowed to access.
Advisories
Source ID Title
EUVD EUVD EUVD-2021-18072 In the Query Engine in Couchbase Server 6.5.x and 6.6.x through 6.6.1, Common Table Expression queries were not correctly checking the user's permissions, allowing read-access to resources beyond what those users were explicitly allowed to access.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2024-08-03T22:48:14.440Z

Reserved: 2021-04-14T00:00:00

Link: CVE-2021-31158

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2021-05-19T19:15:08.420

Modified: 2024-11-21T06:05:12.127

Link: CVE-2021-31158

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.