CVE-2022-24706
Apache CouchDB Insecure Default Initialization of Resource Vulnerability
CVSS
—
No CVSS
EPSS
92.5%
p100
KEV
YES
Aug 25, 2022
Exploit Today
80
0-100
Published: — · Last modified: —
92.3%EPSS · 30 days92.5%
2026-06-302026-07-16
Product
Apache / CouchDB
Vulnerability
Apache CouchDB Insecure Default Initialization of Resource Vulnerability
Added to KEV
Aug 25, 2022
Remediate by
Sep 15, 2022
Known ransomware use
No
Summary description
Apache CouchDB contains an insecure default initialization of resource vulnerability which can allow an attacker to escalate to administrative privileges.
Required action
Apply updates per vendor instructions.
Notes
https://lists.apache.org/thread/w24wo0h8nlctfps65txvk0oc5hdcnv00; https://nvd.nist.gov/vuln/detail/CVE-2022-24706
No related CVEs by CWE or product.