Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 728
Alerts This Week
Warning Icon 1 728

Ubuntu 20.04 & 18.04 USN-5451-1 Moderate: InfluxDB Authentication Bypass

ubuntu
Calendar Grey May 31, 2022
Dist Ubuntu Esm H88
A security flaw in InfluxDB on Ubuntu systems permits unauthorized access, enabling attackers to authenticate as any registered user. Immediate updates are advised.
An InfluxDB vulnerability allowed attackers to login as any known database user.

Summary

An InfluxDB vulnerability allowed attackers to login as any known

database user.

Software Description:

- influxdb: Scalable datastore for metrics, events, and real-time analytics

Details:

Ilya Averyanov discovered that an InfluxDB vulnerability allowed

attackers to bypass authentication and gain access to any known

database user.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.04 LTS:
influxdb 1.6.4-1+deb10u1build0.20.04.1

Ubuntu 18.04 LTS:
influxdb 1.1.1+dfsg1-4+deb9u1ubuntu1

After a standard system update you need to restart the influxdb
service to make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-5451-1

CVE-2019-20933

May 31, 2022

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.