CVE-2022-24706 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2022-24706 Interim 1 6 2025-02-16T03:09:06Z current 2022-04-27T23:51:31Z 2025-02-16T03:09:06Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2022-24706 In Apache CouchDB prior to 3.2.2, an attacker can access an improperly secured default installation without authenticating and gain admin privileges. The CouchDB documentation has always made recommendations for properly securing an installation, including recommending using a firewall in front of all CouchDB installations. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9 couchdb couchdb as a component of SUSE OpenStack Cloud Crowbar 8 couchdb as a component of SUSE OpenStack Cloud Crowbar 9 In Apache CouchDB prior to 3.2.2, an attacker can access an improperly secured default installation without authenticating and gain admin privileges. The CouchDB documentation has always made recommendations for properly securing an installation, including recommending using a firewall in front of all CouchDB installations. CVE-2022-24706 SUSE OpenStack Cloud Crowbar 8:couchdb SUSE OpenStack Cloud Crowbar 9:couchdb important 10 AV:N/AC:L/Au:N/C:C/I:C/A:C 7.6 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L