In the Query Engine in Couchbase Server 6.5.x and 6.6.x through 6.6.1, Common Table Expression queries were not correctly checking the user's permissions, allowing read-access to resources beyond what those users were explicitly allowed to access.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2021-05-19T18:37:15

Updated: 2024-08-03T22:48:14.440Z

Reserved: 2021-04-14T00:00:00

Link: CVE-2021-31158

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2021-05-19T19:15:08.420

Modified: 2024-11-21T06:05:12.127

Link: CVE-2021-31158

cve-icon Redhat

No data.