The host is installed with Couchbase Server before 7.0.4 and is prone to a improper authentication vulnerability. A flaw is present in the application, which fails to properly handle the XDCR internal settings. Successful exploitation could allow attackers to modify XDCR internal settings without any authentication.