Apache.CouchDB.Default.Cookie.Command.Injection
Description
This indicates an attack attempt to exploit a Default Cookie Command Injection vulnerability in Apache CouchDB.
The vulnerability is due to the insecure default initialization of resources. A remote attacker may be able to exploit this to execute commands with administrative privileges, via a crafted packet sent to a vulnerable system.
Affected Products
Apache Software Foundation CouchDB prior to 3.2.2
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://couchdb.apache.org/#download
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2024-03-21 | 27.753 | Sig Added |
2023-09-28 | 25.646 | Sig Added |
2022-12-06 | 22.452 | Sig Added |
2022-09-15 | 22.394 | Default_action:pass:drop |
2022-09-01 | 22.385 |