Intrusion Prevention

Apache.CouchDB.Config.Command.Execution

Description

This indicates an attack attempt to exploit a Command Execution vulnerability in Apache CouchDB.
The vulnerability is due to an error when the vulnerable software handles a maliciously crafted HTTP request. A remote attacker may be able to exploit this to elevate their privileges, via a crafted HTTP request.

Affected Products

Apache Software Foundation CouchDB prior to 1.7
Apache Software Foundation CouchDB prior to 2.1.1

Impact

System Compromise: Remote attacker can gain control of vulnerable systems.

CVE References

CVE-2017-12636