Privilege escalation vulnerability in Apache CouchDB - CVE-2018-8007 (Mac OS X)ID: oval:org.secpod.oval:def:61433 | Date: (C)2020-02-17 (M)2023-12-02 |
Class: VULNERABILITY | Family: macos |
The host is installed with Apache CouchDB before 1.7.2 or 2.x before 2.1.2 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to handle the validation issue in administrator-supplied configuration settings. Successful exploitation could allow attackers to escalate their privileges to that of the operating system's user under which CouchDB runs, by bypassing the blacklist of configuration settings that are not allowed to be modified via the HTTP API.
Platform: |
Apple Mac OS 14 |
Apple Mac OS 13 |
Apple Mac OS 12 |
Apple Mac OS 11 |
Apple Mac OS X 10.10 |
Apple Mac OS X 10.11 |
Apple Mac OS X 10.12 |
Apple Mac OS X 10.13 |
Apple Mac OS X 10.14 |
Apple Mac OS X 10.15 |