{"vulnerability": "cve-2021-42763", "sightings": [{"uuid": "02e2c887-3a00-4b5b-ac0b-4d9fb75692a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-42763", "type": "seen", "source": "https://t.me/cibsecurity/31594", "content": "\u203c CVE-2021-42763 \u203c\n\nCouchbase Server before 6.6.3 and 7.x before 7.0.2 stores Sensitive Information in Cleartext. The issue occurs when the cluster manager forwards a HTTP request from the pluggable UI (query workbench etc) to the specific service. In the backtrace, the Basic Auth Header included in the HTTP request, has the \"@\" user credentials of the node processing the UI request.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-02T15:22:39.000000Z"}]}