Threat Encyclopedia



This indicates an attack attempt to exploit a Command Execution vulnerability in Apache CouchDB.
The vulnerability is due to an error when the vulnerable software handles a maliciously crafted HTTP request. A remote attacker may be able to exploit this to elevate their privileges, via a crafted HTTP request.

affected-products-logoAffected Products

Apache Software Foundation CouchDB prior to 1.7
Apache Software Foundation CouchDB prior to 2.1.1


System Compromise: Remote attacker can gain control of vulnerable systems.

CVE References

CVE-2018-8007 CVE-2017-12636