Details
-
Bug
-
Resolution: Unresolved
-
Minor
-
7.6.0
-
Untriaged
-
0
-
No
Description
Steps to reproduce:
/opt/couchbase/bin/couchbase-cli setting-audit -c http://localhost -u Administrator -p password --set --audit-enabled 1 |
|
curl -g -k -X PUT http://localhost:8097/api/v1/plan/BackupAndMergePlan -u Administrator:wrongpassword -d '{"name": "Backuptest","options": null,"full_backup": true},{"name": "test","task_type":"MERGE","full_backup":null}' |
|
cat /opt/couchbase/var/lib/couchbase/logs/audit.log
|
The unauthorised access is reported in 7.2.4:
{"description":"A user has been denied access to the REST API due to invalid permissions or credentials","id":45074,"local":{"ip":"::1","port":8097},"method":"PUT","name":"Access denied","real_userid":{"domain":"internal","user":"unknown"},"remote":{"ip":"::1","port":49804},"status":401,"timestamp":"2024-01-17T06:49:41.076-08:00"} |
It started before 7.6.0-1453 (I am trying to identify the exact build but it will take time).
Server logs will be attached soon.