From d29eb6bfbb888d81b1e4f6872d54eb20d5a4f3f7 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Tue, 23 Aug 2022 09:29:33 +0530 Subject: [PATCH] Update and rename misconfiguration/unauthenticated-influxdb.yaml to cves/2019/CVE-2019-20933.yaml --- cves/2019/CVE-2019-20933.yaml | 34 +++++++++++++++++++ .../unauthenticated-influxdb.yaml | 27 --------------- 2 files changed, 34 insertions(+), 27 deletions(-) create mode 100644 cves/2019/CVE-2019-20933.yaml delete mode 100644 misconfiguration/unauthenticated-influxdb.yaml diff --git a/cves/2019/CVE-2019-20933.yaml b/cves/2019/CVE-2019-20933.yaml new file mode 100644 index 0000000000..e9285897f9 --- /dev/null +++ b/cves/2019/CVE-2019-20933.yaml @@ -0,0 +1,34 @@ +id: CVE-2019-20933 + +info: + name: Authentication Bypass InfluxDB + author: pussycat0x,c-sh0 + severity: critical + description: InfluxDB before 1.7.6 has an authentication bypass vulnerability in the authenticate function in services/httpd/handler.go because a JWT token may have an empty SharedSecret (aka shared secret). + remediation: Update Influxdb to version 1.6.7~rc0-1 or higher. + reference: + - https://github.com/LorenzoTullini/InfluxDB-Exploit-CVE-2019-20933 + - https://nvd.nist.gov/vuln/detail/CVE-2019-20933 + - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20933 + metadata: + verified: true + shodan-dork: InfluxDB + tags: unauth,db,influxdb,misconfig + +requests: + - method: GET + path: + - "{{BaseURL}}/query?db=db&q=SHOW%20DATABASES" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - '"results":' + - '"name":"databases"' + condition: and + + - type: status + status: + - 200 diff --git a/misconfiguration/unauthenticated-influxdb.yaml b/misconfiguration/unauthenticated-influxdb.yaml deleted file mode 100644 index 04d3a6836a..0000000000 --- a/misconfiguration/unauthenticated-influxdb.yaml +++ /dev/null @@ -1,27 +0,0 @@ -id: unauthenticated-influxdb - -info: - name: Unauthentication InfluxDB Detection - author: pussycat0x - severity: high - metadata: - shodan-dork: InfluxDB - tags: unauth,db,influxdb,misconfig - -requests: - - method: GET - path: - - "{{BaseURL}}/query?db=db&q=SHOW%20DATABASES" - - matchers-condition: and - matchers: - - type: word - part: body - words: - - '"results":' - - '"name":"databases"' - condition: and - - - type: status - status: - - 200 \ No newline at end of file