Local Privilege Escalation in Apache CouchDB for Windows Systems
CVE-2016-8742

7.8HIGH

Key Information:

Vendor
Apache
Status
Apache Couchdb
Vendor
CVE Published:
12 February 2018

Summary

The Apache CouchDB installer for Windows has a security flaw that allows local privilege escalation. Due to inherited file permissions from the parent directory, a non-privileged user can replace any executable associated with the nssm.exe service or CouchDB binaries. When a service or server is restarted, these compromised binaries could execute with administrative privileges, potentially leading to unauthorized access and actions within the system. This issue was fixed in version 2.0.0.1 of CouchDB.

Affected Version(s)

Apache CouchDB 2.0.0 (Windows platform only)

References

http://mail-archives.apache.org/mod_mbox/couchdb-dev/2016...
mailing-listx_refsource_MLIST
https://www.exploit-db.com/exploits/40865/
exploitx_refsource_EXPLOIT-DB
http://www.securityfocus.com/bid/94766
vdb-entryx_refsource_BID

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.