8 matches found
VulnCheck KEV: CVE-2019-20933
InfluxDB before 1.7.6 has an authentication bypass vulnerability in the authenticate function in services/httpd/handler.go because a JWT token may have an empty SharedSecret aka shared secret...
GHSA-2RMP-FW5R-J5QV Improper Authentication in InfluxDB
InfluxDB before 1.7.6 has an authentication bypass vulnerability in the authenticate function in services/httpd/handler.go because a JWT token may have an empty SharedSecret aka shared secret...
Improper Authentication in InfluxDB
InfluxDB before 1.7.6 has an authentication bypass vulnerability in the authenticate function in services/httpd/handler.go because a JWT token may have an empty SharedSecret aka shared secret...
Exploit for Improper Authentication in Influxdata Influxdb
InfluxDB Exploit CVE-2019-20933 Exploit for InfluxDB CVE-2019...
CVE-2019-20933
InfluxDB before 1.7.6 has an authentication bypass vulnerability in the authenticate function in services/httpd/handler.go because a JWT token may have an empty SharedSecret aka shared secret...
CVE-2019-20933
InfluxDB before 1.7.6 has an authentication bypass vulnerability in the authenticate function in services/httpd/handler.go because a JWT token may have an empty SharedSecret aka shared secret...
Authentication flaw
InfluxDB before 1.7.6 has an authentication bypass vulnerability in the authenticate function in services/httpd/handler.go because a JWT token may have an empty SharedSecret aka shared secret...
CVE-2019-20933
InfluxDB before 1.7.6 contains an authentication bypass in the authenticate function (services/httpd/handler.go) where a JWT token may carry an empty SharedSecret. This can allow an attacker to bypass authentication and gain unauthorized access, potentially enabling data modification or administr...