Description
RethinkDB is an open-source database that makes use of JSON documents with dynamic schemas for real-time data processing.
A new RethinkDB cluster always has one user named admin; this user always has all permissions at a global scope, and the user cannot be deleted. By default, the admin user has no password.
Remediation
Configure RethinkDB to listen only on the local interface and set a strong password for the admin user. You can change the password for the admin user by updating the admin user document, or by specifying the --initial-password command line option on startup.
References
Related Vulnerabilities
WordPress Plugin WP PHP widget Information Disclosure (1.0.2)
ownCloud Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-1499)
Insecure Transportation Security Protocol Supported (SSLv3)
WordPress Plugin Caldera Forms-More Than Contact Forms Information Disclosure (1.3.5.2)