BIT-INFLUXDB-2022-36640

influxData influxDB before v1.8.10 contains no authentication mechanism or controls, allowing unauthenticated attackers to execute arbitrary commands. NOTE: the CVE ID assignment is disputed because the vendor's documentation states "If InfluxDB is being deployed on a publicly accessible endpoint...

CVE-2022-36640

influxData influxDB before v1.8.10 contains no authentication mechanism or controls, allowing unauthenticated attackers to execute arbitrary commands. NOTE: the CVE ID assignment is disputed because the vendor's documentation states "If InfluxDB is being deployed on a publicly accessible endpoint...

CVE-2022-36640

influxData influxDB before v1.8.10 contains no authentication mechanism or controls, allowing unauthenticated attackers to execute arbitrary commands. NOTE: the CVE ID assignment is disputed because the vendor's documentation states "If InfluxDB is being deployed on a publicly accessible endpoint...

Authorization

DISPUTED influxData influxDB before v1.8.10 contains no authentication mechanism or controls, allowing unauthenticated attackers to execute arbitrary commands. NOTE: the CVE ID assignment is disputed because the vendor's documentation states "If InfluxDB is being deployed on a publicly accessible...

CVE-2022-36640

influxData influxDB before v1.8.10 contains no authentication mechanism or controls, allowing unauthenticated attackers to execute arbitrary commands. NOTE: the CVE ID assignment is disputed because the vendor's documentation states "If InfluxDB is being deployed on a publicly accessible endpoint...

CVE-2022-36640

CVE-2022-36640 affects influxData influxDB prior to v1.8.10, where there is no authentication mechanism or access controls. This condition enables unauthenticated remote command execution as described in the description. The vulnerability is repeatedly referenced across multiple connected sources...

InfluxData InfluxDB 安全漏洞

InfluxData InfluxDB is a Go-based development of temporal databases from the US company InfluxData. A security vulnerability exists in InfluxData InfluxDB versions prior to v1.8.10, which stems from not including any authentication mechanisms or controls. An attacker could exploit this...

Exploit for Improper Authentication in Influxdata Influxdb

CVE-2019-20933 InfluxDB before 1.7.6 has an authentication...

Leakage Of Sensitive Data

github.com/influxdata/influxdb is vulnerable to leakage of sensitive data. The vulnerability is possible because passwords are revealed in clear text in influxhistory...