3 matches found
CVE-2024-30896
InfluxDB OSS 2.x through 2.7.11 stores the administrative operator token under the default organization which allows authorized users with read access to the authorization resource of the default organization to retrieve the operator token. InfluxDB OSS 1.x, Enterprise, Cloud, Cloud Dedicated and...
CVE-2024-30896
CVE-2024-30896 affects InfluxDB OSS 2.x up to 2.7.11, where the administrative operator token is stored under the default organization. This allows authorized users with read access to the default organization’s authorization resource to retrieve the operator token, enabling potential privilege e...
InfluxData InfluxDB 安全漏洞
InfluxData InfluxDB is a Go-based development of temporal databases from InfluxData, USA. A security vulnerability exists in InfluxData InfluxDB version 2.7.10 and earlier, which stems from a vulnerability that allows an allAccess administrator to retrieve all raw tokens via the influx auth ls...