Sign In
- Platform
- Solutions
- Modern NDR
- Resources
- Company
Platform
Modern NDR
Resources
Platform
Modern NDR
Resources
DETECTION OVERVIEW
Risk Factors
CouchDB servers are often exposed to the internet. Public exploit code is available with attack tools such as Metasploit, and this vulnerability can be linked with other vulnerabilities (such as CVE-2017-12636) in an attack chain. The attacker can gain administrative access to the server and an entry point to launch further attacks on the network.
Kill Chain
Risk Score
83
CouchDB is an Apache NoSQL database based on the JSON data storage format. CouchDB has a vulnerability in how duplicated roles keys in a JSON payload are processed and validated. An attacker sends an HTTP request to create a database user. The request includes a JSON payload that has duplicated roles keys with different values. For example, one of the values is empty, and the other value is "_admin". After the CouchDB server receives the request, the JSON payload is processed by two different JSON parsing implementations. One JSON implementation validates the roles but incorrectly returns the empty value for the roles key. The other JSON implementation creates the new user but incorrectly returns the "_admin" value for the roles key. As a result, the new user is granted administrative access to the database.
