Update and rename misconfiguration/unauthenticated-influxdb.yaml to cves/2019/CVE-2019-20933.yaml

cves/2019/CVE-2019-20933.yaml

@@ -0,0 +1,34 @@
+id: CVE-2019-20933
+
+info:
+  name: Authentication Bypass InfluxDB
+  author: pussycat0x,c-sh0
+  severity: critical
+  description: InfluxDB before 1.7.6 has an authentication bypass vulnerability in the authenticate function in services/httpd/handler.go because a JWT token may have an empty SharedSecret (aka shared secret).
+  remediation: Update Influxdb to version 1.6.7~rc0-1 or higher.
+  reference:
+    - https://github.com/LorenzoTullini/InfluxDB-Exploit-CVE-2019-20933
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-20933
+    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20933
+  metadata:
+    verified: true
+    shodan-dork: InfluxDB
+  tags: unauth,db,influxdb,misconfig
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/query?db=db&q=SHOW%20DATABASES"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"results":'
+          - '"name":"databases"'
+        condition: and
+
+      - type: status
+        status:
+          - 200

misconfiguration/unauthenticated-influxdb.yaml

@@ -1,27 +0,0 @@
-id: unauthenticated-influxdb
-
-info:
-  name: Unauthentication InfluxDB Detection
-  author: pussycat0x
-  severity: high
-  metadata:
-    shodan-dork: InfluxDB
-  tags: unauth,db,influxdb,misconfig
-
-requests:
-  - method: GET
-    path:
-      - "{{BaseURL}}/query?db=db&q=SHOW%20DATABASES"
-
-    matchers-condition: and
-    matchers:
-      - type: word
-        part: body
-        words:
-          - '"results":'
-          - '"name":"databases"'
-        condition: and
-
-      - type: status
-        status:
-          - 200