SB2018081308 - Multiple vulnerabilities in Apache CouchDB
Published: August 13, 2018
Description
This security bulletin contains information about 3 security vulnerabilities.
1) Privilege escalation (CVE-ID: CVE-2018-11769)
The vulnerability allows a remote administrative attacker to gain elevated privileges on the target system.
The vulnerability exists due to insufficient validation of administrator-supplied configuration settings via the HTTP API. A remote attacker can bypass the blacklist of configuration settings that are not allowed to be modified via the HTTP API and execute arbitrary code with elevated privileges.
Successful exploitation of the vulnerability may result in system compromise.
2) OS command injection (CVE-ID: CVE-2017-12636)
The vulnerability allows a remote administrative attacker to execute arbitrary shell commands on the target system.
The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker can configure the database server via HTTP(S) with paths to operating system-level binaries that CouchDB subsequently launches, and thereby execute arbitrary shell commands as the CouchDB user, including downloading and executing scripts from the public internet.
Successful exploitation of the vulnerability may result in system compromise.
3) Privilege escalation (CVE-ID: CVE-2018-8007)
The vulnerability allows a remote administrative attacker to gain elevated privileges on the target system.
The vulnerability exists due to insufficient validation of administrator-supplied configuration settings via the HTTP API. A remote attacker can bypass the blacklist of configuration settings that are not allowed to be modified via the HTTP API and execute arbitrary code with elevated privileges.
Successful exploitation of the vulnerability may result in system compromise.
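All three items share one vector: configuration changes made through the HTTP API. A defender-side check for that, added here as an example that is not part of this bulletin or of the CouchDB project, scans request-log lines for configuration writes (`/_config/...` on 1.x, `/_node/<node>/_config/...` on 2.x) and raises the priority of writes into the sections whose values name programs CouchDB launches. The log lines are constructed in the shape of CouchDB 2.x request entries; the node name, request ids, addresses and user names are assumptions.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# Constructed sample lines in the shape of CouchDB 2.x request-log entries;
# node name, request ids, addresses and user names are made up for this example.
SAMPLE_LOG = """\
[notice] 2018-08-13T09:00:01.000000Z couchdb@10.0.0.2 <0.311.0> 1a2b3c4d5e 10.0.0.2:5984 10.0.0.9 alice GET /customers/_all_docs 200 ok 12
[notice] 2018-08-13T09:00:07.000000Z couchdb@10.0.0.2 <0.311.0> 6f7a8b9c0d 10.0.0.2:5984 10.0.0.9 alice GET /_node/_local/_config/log 200 ok 3
[notice] 2018-08-13T09:00:15.000000Z couchdb@10.0.0.2 <0.314.0> a1b2c3d4e5 10.0.0.2:5984 203.0.113.7 admin PUT /_node/_local/_config/query_servers/cmd 200 ok 4
[notice] 2018-08-13T09:00:16.000000Z couchdb@10.0.0.2 <0.314.0> b2c3d4e5f6 10.0.0.2:5984 203.0.113.7 admin PUT /_config/os_daemons/helper 200 ok 4
[notice] 2018-08-13T09:01:02.000000Z couchdb@10.0.0.2 <0.320.0> c3d4e5f6a7 10.0.0.2:5984 10.0.0.9 admin DELETE /_node/_local/_config/log/level 200 ok 2
"""
# Fields: level, timestamp, node, pid, request id, host, peer, user, method, path, status
LOG_RE = re.compile(
    r"^\[\w+\] (?P<ts>\S+) \S+ <[^>]+> \S+ \S+ (?P<peer>\S+) (?P<user>\S+) "
    r"(?P<method>[A-Z]+) (?P<path>\S+) (?P<status>\d{3}) "
)
# 1.x exposes /_config/..., 2.x exposes /_node/<node>/_config/...
CONFIG_RE = re.compile(r"^(?:/_node/[^/]+)?/_config/(?P<section>[^/?]+)(?:/(?P<key>[^/?]+))?")
WRITE_METHODS = {"PUT", "DELETE"}
# Sections whose values name programs CouchDB launches (the vector in item 2 above).
PROCESS_SECTIONS = {"query_servers", "os_daemons"}

@dataclass
class ConfigWrite:
    ts: str
    peer: str
    user: str
    method: str
    section: str
    key: Optional[str]
    status: int
    severity: str  # "critical" for process-launching sections, else "high"

def scan_config_writes(log_text: str) -> List[ConfigWrite]:
    """Return every configuration write made through the HTTP API, in log order."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m or m["method"] not in WRITE_METHODS:
            continue  # reads and non-matching lines are not config changes
        c = CONFIG_RE.match(m["path"])
        if not c:
            continue  # a write, but not to the configuration API
        severity = "critical" if c["section"] in PROCESS_SECTIONS else "high"
        hits.append(ConfigWrite(m["ts"], m["peer"], m["user"], m["method"],
                                c["section"], c["key"], int(m["status"]), severity))
    return hits
```

Calling `scan_config_writes(SAMPLE_LOG)` returns three entries: the two writes into process-launching sections from 203.0.113.7 as critical and the `log/level` deletion as high, while the two GET requests are ignored.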
Remediation
Install the update from the vendor's website.