CVE-2022-26311
First published: Mon Mar 07 2022(Updated: )
Couchbase Operator 2.2.x before 2.2.3 exposes Sensitive Information to an Unauthorized Actor. Secrets are not redacted in logs collected from Kubernetes environments.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Couchbase Cloud Native Operator | >=2.2.0<2.2.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID of this vulnerability?
The vulnerability ID of this vulnerability is CVE-2022-26311.
What is the title of this vulnerability?
The title of this vulnerability is Couchbase Operator 2.2.x before 2.2.3 exposes Sensitive Information to an Unauthorized Actor.
What is the severity level of CVE-2022-26311?
The severity level of CVE-2022-26311 is high with a score of 7.5 out of 10.
How does CVE-2022-26311 impact Couchbase Operator 2.2.x before 2.2.3?
CVE-2022-26311 exposes sensitive information to an unauthorized actor. Secrets are not redacted in logs collected from Kubernetes environments.
How can I fix CVE-2022-26311?
To fix CVE-2022-26311, update to Couchbase Operator version 2.2.3 or later.
- collector/nvd-index
- agent/first-publish-date
- agent/tags
- agent/last-modified-date
- agent/softwarecombine
- agent/event
- agent/type
- agent/description
- agent/author
- agent/references
- agent/severity
- collector/mitre-cve
- source/MITRE
- vendor/couchbase
- canonical/couchbase cloud native operator
- version/couchbase cloud native operator/2.2.0