Enterprise Security Alerts - April 2025

Shaazin

May 13, 2025 12:20 Updated

CVE	Synopsis	Impact (CVSS)	Products	Affects Version	Fix Version	Publish Date
CVE-2025-46619	Local File Inclusion Vulnerability identified in Couchbase Server for Windows A security issue has been discovered in Couchbase Server for Windows that could allow unauthorized access to sensitive files on the system. Depending on the level of privileges, this vulnerability may grant access to files such as /etc/passwd or /etc/shadow.	High (8.7)	Couchbase Server	Server 7.6.3, 7.6.2, 7.6.1, 7.6.0, 7.2.6, 7.2.5, 7.2.4, 7.2.3, 7.2.2, 7.2.1, 7.2.0, 7.1.x, 7.0.x, 6.x, 5.x, 4.x, 3.x, 2.x	Server 7.6.4, 7.2.7	April 2025
CVE-2024-21235	Update JDK to 17.0.13 This vulnerability is challenging to exploit but allows an unauthenticated attacker with network access via multiple protocols to potentially compromise the affected products. Successful exploitation could result in unauthorized updates, insertions, or deletions of accessible data, as well as unauthorized read access to certain data subsets.	Medium (4.8)	Couchbase Server	Server 7.6.3, 7.6.2, 7.6.1, 7.6.0, 7.2.6, 7.2.5, 7.2.4, 7.2.3, 7.2.2, 7.2.1, 7.2.0, 7.1.x, 7.0.x, 6.x	Server 7.6.4, 7.2.7	April 2025

Related articles