InfluxDB before 1.7.6 has an... CVE-2019-20933

- AV AC AU C I A
发布: 2020-11-19
修订: 2020-11-26

InfluxDB before 1.7.6 has an authentication bypass vulnerability in the authenticate function in services/httpd/handler.go because a JWT token may have an empty SharedSecret (aka shared secret).

0%
暂无可用Exp或PoC
产品及版本信息(CPE)暂不可用