Lucene search
K

11 matches found

VulnCheck KEV
VulnCheck KEV
added 2023/11/29 12:0 a.m.3 views

VulnCheck KEV: CVE-2019-20933

InfluxDB before 1.7.6 has an authentication bypass vulnerability in the authenticate function in services/httpd/handler.go because a JWT token may have an empty SharedSecret aka shared secret...

9.8CVSS7AI score0.30921EPSS
Exploits3References1
GithubExploit
GithubExploit
added 2021/07/24 11:12 a.m.461 views

Exploit for Improper Authentication in Influxdata Influxdb

CVE-2019-20933 InfluxDB before 1.7.6 has an authentication...

9.8CVSS9.5AI score0.30921EPSS
Exploits3
GithubExploit
GithubExploit
added 2021/04/28 4:25 p.m.244 views

Exploit for Improper Authentication in Influxdata Influxdb

InfluxDB Exploit CVE-2019-20933 Exploit for InfluxDB CVE-2019...

9.8CVSS0.5AI score0.30921EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2021/01/04 12:0 a.m.41 views

Debian DSA-4823-1 : influxdb - security update

It was discovered that incorrect validation of JWT tokens in InfluxDB, a time series, metrics, and analytics database, could result in authentication bypass. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory...

9.8CVSS8AI score0.30921EPSS
Exploits3References4
Debian
Debian
added 2021/01/01 6:47 p.m.90 views

[SECURITY] [DSA 4823-1] influxdb security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4823-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff January 01, 2021 https://www.debian.org/security/faq -...

9.8CVSS9.5AI score0.30921EPSS
Exploits3
OpenVAS
OpenVAS
added 2020/12/21 12:0 a.m.22 views

Debian: Security Advisory (DLA-2501-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.7AI score0.30921EPSS
Exploits3References4
Debian
Debian
added 2020/12/20 8:28 a.m.63 views

[SECURITY] [DLA 2501-1] influxdb security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2501-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz December 20, 2020 https://wiki.debian.org/LTS -...

9.8CVSS9.5AI score0.30921EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2020/12/10 12:0 a.m.32 views

Photon OS 3.0: Influxdb PHSA-2020-3.0-0172

An update of the influxdb package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2020-3.0-0172. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

9.8CVSS8.7AI score0.30921EPSS
Exploits3References2
Circl
Circl
added 2020/11/19 7:41 a.m.226 views

CVE-2019-20933

creationtimestamp| type| source ---|---|--- 2020-11-19 07:41:05+00:00| seen| https://t.me/cibsecurity/16573 2022-01-19 18:02:44+00:00| published-proof-of-concept| https://t.me/cybersecs/528 2023-03-06 21:00:32+00:00| published-proof-of-concept|...

9.8CVSS6.9AI score0.30921EPSS
In wildExploits3References9
OSV
OSV
added 2020/11/19 2:15 a.m.2 views

UBUNTU-CVE-2019-20933

InfluxDB before 1.7.6 has an authentication bypass vulnerability in the authenticate function in services/httpd/handler.go because a JWT token may have an empty SharedSecret aka shared secret...

9.8CVSS7.2AI score0.30921EPSS
Exploits3References6
CVE
CVE
added 2020/11/19 1:50 a.m.259 views

CVE-2019-20933

InfluxDB before 1.7.6 contains an authentication bypass in the authenticate function (services/httpd/handler.go) where a JWT token may carry an empty SharedSecret. This can allow an attacker to bypass authentication and gain unauthorized access, potentially enabling data modification or administr...

9.8CVSS9.4AI score0.30921EPSS
In wildExploits3References5Affected Software1
Rows per page
Query Builder