VYPR

Influxdb

by Influxdata

Source repositories

CVEs (2)

  • CVE-2022-36640CriSep 2, 2022
    risk 0.64cvss 9.8epss 0.02

    influxData influxDB before v1.8.10 contains no authentication mechanism or controls, allowing unauthenticated attackers to execute arbitrary commands. NOTE: the CVE ID assignment is disputed because the vendor's documentation states "If InfluxDB is being deployed on a publicly…

  • CVE-2024-30896CriNov 21, 2024
    risk 0.56cvss 9.1epss 0.05

    InfluxDB OSS 2.x through 2.7.11 stores the administrative operator token under the default organization which allows authorized users with read access to the authorization resource of the default organization to retrieve the operator token. InfluxDB OSS 1.x, Enterprise, Cloud,…