EN
Русский
TCP
Dangerous
Database
Port 5984 (CouchDB)
Learn about port 5984 (CouchDB) - security risks, vulnerabilities, and common uses. Find devices with port 5984 open.
Quick Info
Port Number
5984
Protocol
TCP
Service
CouchDB
IANA Name
CouchDB
Service Description
TCP port 5984 is commonly associated with CouchDB, an open-source, document-oriented NoSQL database that uses JSON to store data. CouchDB is designed for high availability, fault tolerance, and scalability. It employs a RESTful HTTP API for interaction, making it accessible and easy to integrate with various applications and programming languages. The protocol relies heavily on HTTP methods like GET, POST, PUT, and DELETE for performing CRUD (Create, Read, Update, Delete) operations on documents and databases. Replication is a core feature, allowing data to be synchronized between multiple CouchDB instances, even across geographically distributed locations. This replication process also uses HTTP and can be configured for various scenarios, including master-slave, master-master, and peer-to-peer setups.
At a technical level, CouchDB stores data in JSON documents within databases. Each document has a unique ID and revision number, which are crucial for handling concurrent updates and resolving conflicts during replication. CouchDB uses the MapReduce paradigm for querying data. Map functions transform documents into key-value pairs, and reduce functions aggregate the results to provide summarized information. Views, which are persistent MapReduce functions, are used to efficiently retrieve and query data. CouchDB uses the Erlang programming language for its core implementation, leveraging Erlang's concurrency and fault-tolerance capabilities. Authentication and authorization are typically handled through HTTP authentication mechanisms, such as Basic Authentication or OAuth.
## Firewall Recommendations
Blocking port 5984 is recommended unless the service is required. If needed, restrict access to only trusted IP addresses or networks. Implement strong authentication and authorization mechanisms, such as using strong passwords and properly configuring CouchDB's security features. Regularly update CouchDB to the latest version to patch known vulnerabilities. Consider using a reverse proxy or VPN to further protect the service from direct exposure to the internet. Monitor network traffic for suspicious activity and implement intrusion detection/prevention systems. Disable default configurations and remove or restrict access to unnecessary API endpoints. Ensure proper input validation to prevent command injection and other related vulnerabilities. Regularly audit your CouchDB configuration and security practices to identify and address potential weaknesses.
At a technical level, CouchDB stores data in JSON documents within databases. Each document has a unique ID and revision number, which are crucial for handling concurrent updates and resolving conflicts during replication. CouchDB uses the MapReduce paradigm for querying data. Map functions transform documents into key-value pairs, and reduce functions aggregate the results to provide summarized information. Views, which are persistent MapReduce functions, are used to efficiently retrieve and query data. CouchDB uses the Erlang programming language for its core implementation, leveraging Erlang's concurrency and fault-tolerance capabilities. Authentication and authorization are typically handled through HTTP authentication mechanisms, such as Basic Authentication or OAuth.
## Firewall Recommendations
Blocking port 5984 is recommended unless the service is required. If needed, restrict access to only trusted IP addresses or networks. Implement strong authentication and authorization mechanisms, such as using strong passwords and properly configuring CouchDB's security features. Regularly update CouchDB to the latest version to patch known vulnerabilities. Consider using a reverse proxy or VPN to further protect the service from direct exposure to the internet. Monitor network traffic for suspicious activity and implement intrusion detection/prevention systems. Disable default configurations and remove or restrict access to unnecessary API endpoints. Ensure proper input validation to prevent command injection and other related vulnerabilities. Regularly audit your CouchDB configuration and security practices to identify and address potential weaknesses.
Security Information
Exposing CouchDB directly to the internet without proper security measures can lead to significant security risks. Common attack vectors include unauthorized access to sensitive data, data manipulation, and denial-of-service (DoS) attacks. If CouchDB's authentication is weak or disabled, attackers can gain complete control over the database, potentially reading, modifying, or deleting data. Furthermore, vulnerabilities in CouchDB's code, such as those related to input validation or authentication bypasses, can be exploited to execute arbitrary code on the server. The RESTful HTTP API, while convenient, also provides a clear attack surface if not adequately secured. Attackers may target this port to exploit known vulnerabilities, launch brute-force attacks against weak credentials, or inject malicious code through vulnerable API endpoints. Default configurations, especially those with weak or no authentication, are particularly attractive targets.
Known Vulnerabilities
| CVE | Name | Severity | Description |
|---|---|---|---|
| CVE-2017-12636 | Apache CouchDB Remote Code Execution Vulnerability | Critical | Удаленное выполнение кода возможно из-за недостаточной проверки входных данных в API CouchDB. Злоумышленник может выполнить произвольный код на сервере. |
| CVE-2017-12635 | Apache CouchDB Authentication Bypass Vulnerability | High | Обход аутентификации позволяет неавторизованным пользователям получать доступ к конфиденциальным данным и функциям. |
| CVE-2022-24706 | Apache CouchDB Unauthorized Information Disclosure Vulnerability | Medium | Несанкционированное раскрытие информации может произойти из-за недостаточной защиты данных в CouchDB. |
Common Software
- Apache CouchDB
- PouchDB (клиентская библиотека, взаимодействующая с CouchDB)
- Cloudant (облачная база данных на основе CouchDB)
- IBM Domino (использует CouchDB в некоторых конфигурациях)
- Kanso (фреймворк для разработки веб-приложений на CouchDB)
- Hoodie (бекенд для офлайн-первых веб-приложений)
- Iris Couch (хостинг CouchDB)
- Couchbase (хотя и отдельная база данных, использует некоторые концепции CouchDB)
Find devices with this port
Discover all devices with port 5984 open in any country.
Search Port 5984Find all devices with port 5984 open
ScaniteX scans millions of IPs to find devices with specific ports open. Perfect for security research and network auditing.
Start Mass Scanning