CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

CVE-2025-46619: A security issue has been discovered in Couchbase Server before 7.6.4 and fixed in v.7.6.4 and v.7.2.7 for Windows that could allow unauthorized...

7.6 CVSS

Description

A security issue has been discovered in Couchbase Server before 7.6.4 and fixed in v.7.6.4 and v.7.2.7 for Windows that could allow unauthorized access to sensitive files. Depending on the level of privileges, this vulnerability may grant access to files such as /etc/passwd or /etc/shadow.

Classification

CVE ID: CVE-2025-46619

CVSS Base Severity: HIGH

CVSS Base Score: 7.6

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L

Affected Products

Vendor: n/a

Product: n/a

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.04% (probability of being exploited)

EPSS Percentile: 12.47% (scored less or equal to compared to others)

EPSS Date: 2025-05-29 (when was this score calculated)

References

https://nvd.nist.gov/vuln/detail/CVE-2025-46619
https://forums.couchbase.com/tags/security
https://docs.couchbase.com/server/current/release-notes/relnotes.html
https://www.couchbase.com/alerts/

Timeline

2025-04-30 18:40:21 UTC
CVE

A security issue has been discovered in Couchbase Server before 7.6.4 and fixed in v.7.6.4 and v.7.2.7 for Windows that could allow unauthorized...