CVE-2010-2234

Apache CouchDB 0.8.0-0.11.0 - Cross-Site Request Forgery

Title source: llm
STIX 2.1

Description

Cross-site request forgery (CSRF) vulnerability in Apache CouchDB 0.8.0 through 0.11.0 allows remote attackers to hijack the authentication of administrators for direct requests to an installation URL.

References (4)

Core 4
Core References
Mailing List mailing-list x_refsource_fulldisc
http://seclists.org/fulldisclosure/2010/Aug/199
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/513174/100/0/threaded
Issue Tracking x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=624764
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/42501

Scores

EPSS 0.0183
EPSS Percentile 76.4%

Details

CWE
CWE-352
Status published
Products (8)
apache/couchdb 0.8.0
apache/couchdb 0.8.1
apache/couchdb 0.9.0
apache/couchdb 0.9.1
apache/couchdb 0.9.2
apache/couchdb 0.10.0
apache/couchdb 0.10.1
apache/couchdb 0.11.0
Published Aug 19, 2010
Tracked Since Feb 18, 2026