Bird_banner_small4
Apache CouchDB JSON Remote Privilege Escalation
TSL ID TSL20171120-05
CVE ID(s) CVE-2017-12635
Severity Critical
Description

A privilege escalation vulnerability has been reported in CouchDB. The vulnerability is due to a discrepancy between the behavior of the Erlang and JavaScript JSON parsers used within CouchDB.

A remote, unauthenticated attacker could exploit this vulnerability by sending a crafted HTTP request to a vulnerable server. Successful exploitation could result in an unauthorized user gaining access to CouchDB.

The vendor, Apache, has released the following advisory regarding this vulnerability:

https://lists.apache.org/thread.html/6c405bf3f8358e6314076be9f48c89a2e0ddf00539906291ebdf0c67@%3Cdev.couchdb.apache.org%3E

Affected Products
  • Apache Software Foundation CouchDB prior to 1.7
  • Apache Software Foundation CouchDB prior to 2.1.1
CVSS Score Base 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P):
  • Access vector is NETWORK
  • Access complexity is LOW
  • Level of authentication required is NONE
  • Impact of this vulnerability on data confidentiality is PARTIAL
  • Impact of this vulnerability on data integrity is PARTIAL
  • Impact of this vulnerability on data availability is PARTIAL
Temporal 5.9 (E:POC/RL:OF/RC:C):
  • The exploitability level of this vulnerability is PROOF OF CONCEPT
  • The remediation level of this vulnerability is OFFICIAL FIX
  • The report confidence level of this vulnerability is CONFIRMED
Identifiers
BID
References https://justi.cz/security/2017/11/14/couchdb-rce-npm.html
https://lists.apache.org/thread.html/6c405bf3f8358e6314076be9f48c89a2e0ddf00539906291ebdf0c67@%3Cdev.couchdb.apache.org%3E
Related Threats