CVE-2022-24706
Remote Code Execution Vulnerability in Packaging
In short
Apache CouchDB before version 3.2.2 ships with a default Erlang distribution configuration (a well-known node cookie, with the Erlang port mapper and the node's distribution port reachable from the network) that lets anyone who can reach those ports join the CouchDB Erlang node without a password. From there an attacker can run code as the CouchDB service user and make themselves a database administrator, so an exposed default installation means full compromise of the database system.
Technical detail
Unauthenticated remote attackers can exploit the insecure default configuration of CouchDB <3.2.2 to gain administrative privileges. The weak point is not the HTTP API on port 5984, which has required credentials since the "admin party" was removed in 3.0, but the Erlang distribution layer underneath it: epmd on TCP 4369 advertises the CouchDB node and the port its distribution listener uses, and that listener accepts any peer presenting the default cookie shipped in vm.args. An attacker who starts their own Erlang node with that cookie is treated as a trusted cluster member and can execute arbitrary Erlang, and therefore operating-system commands, as the couchdb user; writing an admin password into the local configuration follows trivially. Prerequisite: a default installation with port 4369 and the distribution port reachable (no firewall in front of them) and the default cookie still in place. Impact includes complete database compromise, data theft, manipulation, and deletion, as well as code execution on the host. Remediation: upgrade to 3.2.2 or later, set a unique -setcookie value in vm.args, and restrict 4369 and the distribution port range to cluster peers, as the CouchDB cluster setup documentation has always recommended.
Summary generated and translated by AI from the official description.
In Apache CouchDB prior to 3.2.2, an attacker can access an improperly secured default installation without authenticating and gain admin privileges. The CouchDB documentation has always made recommendations for properly securing an installation, including recommending using a firewall in front of all CouchDB installations.
CVSS 3.1 base score 9.8 (Critical). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
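The technical detail above turns on two things a defender can check directly: whether epmd on the host answers to the network at all, and whether the node's vm.args still carries the default cookie. The script below is an added example, not code from this page or from the Apache CouchDB project. It sends an epmd NAMES_REQ (the Erlang port mapper's "list registered nodes" request) and parses the reply, and it scans a vm.args file for the -setcookie line. The target host and the vm.args path are supplied by the caller; SAMPLE_REPLY and SAMPLE_VM_ARGS are constructed test data, not captures from a real system.

```python
"""Exposure check for the default-configuration weakness behind CVE-2022-24706.

Added example, not code from this page or from the Apache CouchDB project.
Two independent checks:
  1. send an epmd NAMES_REQ to TCP 4369 and parse the reply, which lists every
     Erlang node registered on the host together with its distribution port;
  2. read a vm.args file and report whether it still carries the well-known
     default cookie that CouchDB < 3.2.2 shipped with.
Assumptions: host name and vm.args path come from the caller; SAMPLE_REPLY and
SAMPLE_VM_ARGS are constructed test data, not captured from a real host.
"""
import re
import socket
import struct
import sys
from typing import Dict, Optional

EPMD_PORT = 4369
# epmd request framing: 2-byte big-endian length, then the request byte.
# 'n' (110) is NAMES_REQ; epmd writes its reply and then closes the connection.
NAMES_REQ = struct.pack("!H", 1) + b"n"
DEFAULT_COOKIE = "monster"  # -setcookie value in the vm.args shipped before 3.2.2

# Constructed sample data (not captured from a real host).
SAMPLE_REPLY = struct.pack("!I", EPMD_PORT) + b"name couchdb at port 44601\n"
SAMPLE_VM_ARGS = "-name couchdb@127.0.0.1\n-setcookie monster\n-kernel error_logger silent\n"


def parse_names_reply(data: bytes) -> Dict[str, int]:
    """Parse NAMES_RESP: 4-byte epmd port, then 'name <node> at port <n>' lines."""
    if len(data) < 4:
        raise ValueError("truncated epmd reply")
    nodes: Dict[str, int] = {}
    for line in data[4:].decode("ascii", errors="replace").splitlines():
        m = re.fullmatch(r"name (\S+) at port (\d+)", line.strip())
        if m:
            nodes[m.group(1)] = int(m.group(2))
    return nodes


def query_epmd(host: str, port: int = EPMD_PORT, timeout: float = 3.0) -> Dict[str, int]:
    """Return {node_name: distribution_port} for every node epmd on host knows about."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        s.sendall(NAMES_REQ)
        chunks = []
        while True:
            chunk = s.recv(4096)
            if not chunk:  # epmd closes the socket after the reply
                break
            chunks.append(chunk)
    return parse_names_reply(b"".join(chunks))


def configured_cookie(vm_args: str) -> Optional[str]:
    """Cookie from the last uncommented -setcookie line, or None if none is set."""
    found = re.findall(r"^\s*-setcookie\s+(\S+)", vm_args, flags=re.M)
    return found[-1] if found else None


def uses_default_cookie(vm_args: str) -> bool:
    return configured_cookie(vm_args) == DEFAULT_COOKIE


def exposure_summary(nodes: Dict[str, int], vm_args: Optional[str]) -> str:
    """Combine both checks into a single verdict line."""
    couch = [n for n in nodes if n.startswith("couchdb")]
    if not couch:
        return "no couchdb node advertised by epmd"
    ports = ", ".join(f"{n}:{nodes[n]}" for n in couch)
    if vm_args is not None and uses_default_cookie(vm_args):
        return f"EXPOSED: epmd advertises {ports} and vm.args uses the default cookie"
    return f"epmd advertises {ports}; verify the cookie is unique and the ports are firewalled"


if __name__ == "__main__":
    # usage: python check_couchdb_epmd.py <host> [path/to/vm.args]
    host = sys.argv[1] if len(sys.argv) > 1 else "127.0.0.1"
    args_text = open(sys.argv[2]).read() if len(sys.argv) > 2 else None
    try:
        found_nodes = query_epmd(host)
    except OSError as e:
        print(f"{host}: epmd not reachable ({e}); port 4369 is filtered or epmd is bound elsewhere")
        sys.exit(0)
    print(exposure_summary(found_nodes, args_text))
```

An epmd that answers from outside the cluster network is itself a finding regardless of the cookie: the reply hands an attacker the exact distribution port to target, so the firewall recommendation in the official description applies to both 4369 and the advertised port. Run it only against hosts you own or are authorized to test.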
Affected products
Apache Software Foundation · Apache CouchDB (versions before 3.2.2)
Public PoCs found: 7
github: github.com/sadshade/CVE-2022-24706-CouchDB-Exploit (★ 29)
github: github.com/ahmetsabrimert/Apache-CouchDB-CVE-2022-24706-RCE-Exploits-Blog-post- (★ 1)
github: github.com/superzerosec/CVE-2022-24706 (★ 0)
github: github.com/becrevex/CVE-2022-24706 (★ 0)
cve_reference: packetstormsecurity.com/files/169702/Apache-CouchDB-Erlang-Remote-Code-Execution.html (unverified)
cve_reference: packetstormsecurity.com/files/167032/Apache-CouchDB-3.2.1-Remote-Code-Execution.html (unverified)
exploitdb: www.exploit-db.com/exploits/50914 (unverified)
⚠ Public resources, for assessing the exposure of systems you control or are authorized to test. Test only with authorization.
References
http://packetstormsecurity.com/files/167032/Apache-CouchDB-3.2.1-Remote-Code-Execution.html
http://packetstormsecurity.com/files/169702/Apache-CouchDB-Erlang-Remote-Code-Execution.html
https://docs.couchdb.org/en/3.2.2/setup/cluster.html
https://lists.apache.org/thread/w24wo0h8nlctfps65txvk0oc5hdcnv00
https://medium.com/%40_sadshade/couchdb-erlang-and-cookies-rce-on-default-settings-b1e9173a4bcd
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-24706
http://www.openwall.com/lists/oss-security/2022/04/26/1
http://www.openwall.com/lists/oss-security/2022/05/09/1
http://www.openwall.com/lists/oss-security/2022/05/09/2
http://www.openwall.com/lists/oss-security/2022/05/09/3
http://www.openwall.com/lists/oss-security/2022/05/09/4