CVE-2023-49932

MEDIUM

Couchbase Server <7.2.4 - Auth Bypass

Title source: llm

An issue was discovered in Couchbase Server before 7.2.4. An attacker can bypass SQL++ N1QL cURL host restrictions.

Core 3

Core References

Release Notes

Issue Tracking

Vendor Advisory

CVSS v3 5.4

EPSS 0.0053

EPSS Percentile 40.4%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

CWE

CWE-281

Status published

Products (1)

couchbase/couchbase_server 5.0.0 - 7.2.4

Published Feb 29, 2024

Tracked Since Feb 18, 2026