In Couchbase Server 6.0.3 and Couchbase Sync Gateway through 2.7.0, the Cluster management, views, query, and full-text search endpoints are vulnerable to the Slowloris denial-of-service attack because they don't more aggressively terminate slow connections.
References
Link | Resource |
---|---|
https://www.couchbase.com/resources/security#SecurityAlerts | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2020-06-08T15:21:37
Updated: 2020-06-08T15:21:37
Reserved: 2020-02-17T00:00:00
Link: CVE-2020-9041
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-06-08T16:15:10.353
Modified: 2020-06-11T18:02:51.287
Link: CVE-2020-9041
JSON object: View
Redhat Information
No data.
CWE