Unauthenticated projector and indexer REST endpoints

manish_bansal · March 26, 2020, 7:09am

There is a mention of security vulnerability on couchbase website (https://www.couchbase.com/resources/security#SecurityAlerts) as below.
Synopsis:
Unauthenticated projector and indexer REST endpoints

Update all projector and indexer REST endpoints to require authentication

Affected versions:
4.0.0
5.0.0
5.5.0
5.5.1

Fixed versons:
6.0.0
5.5.2
5.1.2

Now, i couldn’t get any more details on this issue.Synopsis does not seem to be informative. Can anyone point me somewhere this issue is properly documented and its available fix? As of now, all i can understand is to upgrade the version and deploy any of the fixed version.

s_ganesh_Singh · July 25, 2020, 3:41pm

I think the only fix is to upgrade the couchbase server software version. After upgrading to 6.5.1v , the issue no longer exists.