11 matches found
VulnCheck KEV: CVE-2019-20933
InfluxDB before 1.7.6 has an authentication bypass vulnerability in the authenticate function in services/httpd/handler.go because a JWT token may have an empty SharedSecret aka shared secret...
Exploit for Improper Authentication in Influxdata Influxdb
CVE-2019-20933 InfluxDB before 1.7.6 has an authentication...
Exploit for Improper Authentication in Influxdata Influxdb
InfluxDB Exploit CVE-2019-20933 Exploit for InfluxDB CVE-2019...
Debian DSA-4823-1 : influxdb - security update
It was discovered that incorrect validation of JWT tokens in InfluxDB, a time series, metrics, and analytics database, could result in authentication bypass. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory...
[SECURITY] [DSA 4823-1] influxdb security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4823-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff January 01, 2021 https://www.debian.org/security/faq -...
Debian: Security Advisory (DLA-2501-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 2501-1] influxdb security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2501-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz December 20, 2020 https://wiki.debian.org/LTS -...
Photon OS 3.0: Influxdb PHSA-2020-3.0-0172
An update of the influxdb package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2020-3.0-0172. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
CVE-2019-20933
creationtimestamp| type| source ---|---|--- 2020-11-19 07:41:05+00:00| seen| https://t.me/cibsecurity/16573 2022-01-19 18:02:44+00:00| published-proof-of-concept| https://t.me/cybersecs/528 2023-03-06 21:00:32+00:00| published-proof-of-concept|...
UBUNTU-CVE-2019-20933
InfluxDB before 1.7.6 has an authentication bypass vulnerability in the authenticate function in services/httpd/handler.go because a JWT token may have an empty SharedSecret aka shared secret...
CVE-2019-20933
InfluxDB before 1.7.6 contains an authentication bypass in the authenticate function (services/httpd/handler.go) where a JWT token may carry an empty SharedSecret. This can allow an attacker to bypass authentication and gain unauthorized access, potentially enabling data modification or administr...