Vulnerability Description
An issue was discovered in Couchbase Server 6.6.x through 7.2.0, before 7.1.5 and 7.2.1. Unauthenticated users may cause memcached to run out of memory via large commands.
CVSS Score
7.5
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Couchbase | Couchbase Server | >= 6.6.0, < 7.1.5 |
Related Weaknesses (CWE)
References
- https://docs.couchbase.com/server/current/release-notes/relnotes.htmlRelease Notes
- https://forums.couchbase.com/tags/securityProduct
- https://www.couchbase.com/alerts/Vendor Advisory
- https://www.couchbase.com/downloadsProduct
- https://docs.couchbase.com/server/current/release-notes/relnotes.htmlRelease Notes
- https://forums.couchbase.com/tags/securityProduct
- https://www.couchbase.com/alerts/Vendor Advisory
- https://www.couchbase.com/downloadsProduct
FAQ
What is CVE-2023-43768?
CVE-2023-43768 is a vulnerability with a CVSS score of 7.5 (HIGH). An issue was discovered in Couchbase Server 6.6.x through 7.2.0, before 7.1.5 and 7.2.1. Unauthenticated users may cause memcached to run out of memory via large commands.
How severe is CVE-2023-43768?
CVE-2023-43768 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-43768?
Check the references section above for vendor advisories and patch information. Affected products include: Couchbase Couchbase Server.