CVE-2025-49015 Information
Jun 19, 2025
cve
Description
The Couchbase .NET SDK (client library) before 3.7.1 does not properly enable hostname verification for TLS certificates. In fact the SDK was also using IP addresses instead of hostnames due to a configuration option that was incorrectly enabled by default.
Reference
https://docs.couchbase.com/server/current/release-notes/relnotes.html https://forums.couchbase.com/tags/security https://www.couchbase.com/alerts/
Related CNNVD
CNNVD-202506-2531 (Published: 2025-06-18)
Share on: