HTTP: Apache CouchDB _config Command Execution
This signature detects attempts to exploit a known vulnerability in the CouchDB. Successful exploitation could result in arbitrary shell command execution with the privileges of the user running CouchDB.
Extended Description
CouchDB administrative users can configure the database server via HTTP(S). Some of the configuration options include paths for operating system-level binaries that are subsequently launched by CouchDB. This allows an admin user in Apache CouchDB before 1.7.0 and 2.x before 2.1.1 to execute arbitrary shell commands as the CouchDB user, including downloading and executing scripts from the public internet.
Affected Products
Apache couchdb
Short Name
HTTP:APACHE:COUCHDB-CONFIG-CE
Severity
Major
Recommended
True
Recommended Action
Drop
Category
HTTP
Keywords
Apache CVE-2017-12636 CVE-2018-8007 Command CouchDB Execution _config bid:104741
Release Date
12/21/2017
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3337
False Positive
Unknown
Vendors
Apache
CVSS Score
9.0