{"uuid": "861c9409-a34b-4e6c-99a7-c61a892a2a69", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-20933", "type": "seen", "source": "https://t.me/cibsecurity/16573", "content": "\u203c CVE-2019-20933 \u203c\n\nInfluxDB before 1.7.6 has an authentication bypass vulnerability in the authenticate function in services/httpd/handler.go because a JWT token may have an empty SharedSecret (aka shared secret).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-11-19T07:41:05.000000Z"}