Lucene search

K
cvelistMitreCVELIST:CVE-2019-20933
HistoryNov 19, 2020 - 1:50 a.m.

CVE-2019-20933

2020-11-1901:50:50
mitre
www.cve.org
1

AI Score

9.5

Confidence

High

EPSS

0.042

Percentile

92.3%

InfluxDB before 1.7.6 has an authentication bypass vulnerability in the authenticate function in services/httpd/handler.go because a JWT token may have an empty SharedSecret (aka shared secret).