The host is installed with Apache CouchDB through 0.10.1 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle a issue in unspecified vector. Successful exploitation could allow remote attackers to obtain sensitive information by measuring the completion time of operations that verify hashes or passwords.