CVE-2022-36640
published 2022-09-02


Priority: P266
Severity: critical, CVSS 3.1 base score 9.8
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 1.93% (77.5th percentile)
InfluxData InfluxDB before v1.8.10 contains no authentication mechanism or controls, allowing unauthenticated attackers to execute arbitrary commands. NOTE: the CVE ID assignment is disputed because the vendor's documentation states: "If InfluxDB is being deployed on a publicly accessible endpoint, we strongly recommend authentication be enabled. Otherwise the data will be publicly available to any unauthenticated user. The default settings do NOT enable authentication and authorization." In other words, the issue is an insecure default (authentication off unless the operator turns it on), not a bypass of an authentication check that exists.

Affected (2 ranges)

Vendor       Product    Version range   Fixed in
debian       influxdb   (not given)     (not given)
influxdata   influxdb   < 1.8.0         1.8.0

Note that the influxdata range (< 1.8.0, fixed in 1.8.0) does not match the "before v1.8.10" wording of the description above; treat any 1.x instance with authentication disabled as exposed regardless of the exact version.

Detection &amp; IOCs (extracted from sources)

  • InfluxDB instances with authentication disabled are exploitable by unauthenticated attackers; detect unauthenticated HTTP requests to InfluxDB endpoints (default port 8086) from unexpected sources.
  • The default InfluxDB configuration does NOT enable authentication and authorization; audit deployments for a missing or false `auth-enabled` setting in the `[http]` section as an indicator of vulnerable exposure.
  • Multiple Debian releases (bookworm, bullseye, forky, sid, trixie) remain open/unpatched according to the Debian Security Tracker, indicating wide exposure on Debian-based deployments.
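The following audit script is an added example written for this page; it is not code from InfluxData or from the sources quoted above. It puts the two detection ideas in the list into working checks: a config audit that treats an absent `auth-enabled` key as the documented default (off), a classifier for an anonymous `GET /query` probe (InfluxDB 1.x answers 401 when `[http] auth-enabled = true` and 200 with a `"results"` body when it is not), and a detector that flags requests with no user field from sources outside an allow-list. The `[httpd]` access-log format and all sample lines and configs are constructed here for illustration; adjust `LOG_RE` to your build's actual log layout.

```python
"""Audit helpers for InfluxDB 1.x authentication exposure (CVE-2022-36640).

Added example, not InfluxData's code. Assumptions (not from the page):
 - An unauthenticated GET /query?q=SHOW+DATABASES gets HTTP 401 when
   [http] auth-enabled = true, and HTTP 200 with a {"results": ...} body
   when authentication is off (the documented default).
 - LOG_RE and SAMPLE_LOG approximate the 1.x [httpd] access log; both
   are constructed for this example.
"""
import re
from ipaddress import ip_address, ip_network

# --- 1. Config audit: does [http] explicitly enable authentication? ---------
def http_auth_enabled(config_text: str) -> bool:
    """True only if the [http] section sets auth-enabled = true.
    A missing key or missing section means the documented default: auth OFF."""
    section = None
    for raw in config_text.splitlines():
        line = raw.split("#", 1)[0].strip()            # drop comments
        if not line:
            continue
        header = re.match(r"^\[([\w.-]+)\]$", line)
        if header:
            section = header.group(1)
            continue
        if section == "http":
            kv = re.match(r"^auth-enabled\s*=\s*(true|false)$", line)
            if kv:
                return kv.group(1) == "true"
    return False

# --- 2. Probe classification (offline logic; probe() does the network) ------
def classify_probe(status: int, body: str) -> str:
    """Interpret the response to an anonymous GET /query?q=SHOW+DATABASES."""
    if status == 401:
        return "auth-enabled"
    if status == 200 and '"results"' in body:
        return "auth-disabled"              # anonymous query succeeded
    return "unknown"

def probe(base_url: str, timeout: float = 5.0) -> str:
    """Probe a live instance, e.g. probe("http://10.0.0.20:8086")."""
    import urllib.error
    import urllib.request
    url = base_url.rstrip("/") + "/query?q=SHOW+DATABASES"
    try:
        with urllib.request.urlopen(url, timeout=timeout) as resp:
            return classify_probe(resp.status, resp.read().decode("utf-8", "replace"))
    except urllib.error.HTTPError as err:
        return classify_probe(err.code, err.read().decode("utf-8", "replace"))

# --- 3. Access-log detection: anonymous requests from unexpected sources -----
LOG_RE = re.compile(
    r'^\[httpd\] (?P<src>\S+) - (?P<user>\S+) \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)

def flag_unauthenticated(lines, allowed_sources):
    """Return (src, method, path, status) for requests whose user field is
    '-' (no credentials) and whose source is outside allowed_sources."""
    nets = [ip_network(n) for n in allowed_sources]
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        src = ip_address(m["src"])
        if m["user"] == "-" and not any(src in n for n in nets):
            hits.append((m["src"], m["method"], m["path"], int(m["status"])))
    return hits

# Constructed sample inputs (not real deployment data).
SAMPLE_CONFIG_DEFAULT = """
[meta]
  dir = "/var/lib/influxdb/meta"
[http]
  enabled = true
  bind-address = ":8086"
  # auth-enabled = true   <- commented out, so the default (false) applies
"""
SAMPLE_CONFIG_HARDENED = """
[http]
  enabled = true
  bind-address = ":8086"
  auth-enabled = true
"""
SAMPLE_LOG = [
    '[httpd] 10.0.0.5 - grafana [02/Sep/2022:10:00:01 +0000] "GET /query?db=metrics&q=SELECT+1 HTTP/1.1" 200 120 "-" "Grafana" 1 2ms',
    '[httpd] 10.0.0.7 - - [02/Sep/2022:10:00:02 +0000] "POST /write?db=metrics HTTP/1.1" 204 0 "-" "telegraf" 2 1ms',
    '[httpd] 203.0.113.9 - - [02/Sep/2022:10:00:03 +0000] "GET /query?q=SHOW+DATABASES HTTP/1.1" 200 95 "-" "curl/7.85.0" 3 1ms',
    '[httpd] 203.0.113.9 - - [02/Sep/2022:10:00:04 +0000] "POST /query?q=DROP+DATABASE+metrics HTTP/1.1" 200 33 "-" "curl/7.85.0" 4 3ms',
]

if __name__ == "__main__":
    print("default config, auth enabled:", http_auth_enabled(SAMPLE_CONFIG_DEFAULT))
    print("hardened config, auth enabled:", http_auth_enabled(SAMPLE_CONFIG_HARDENED))
    for hit in flag_unauthenticated(SAMPLE_LOG, ["10.0.0.0/24"]):
        print("anonymous request from outside the allow-list:", hit)
```

Two practical notes: `/ping` is not a useful probe because it answers 204 whether or not authentication is on, which is why the probe targets `/query`; and the anonymous `POST /query` with a `DROP DATABASE` in the constructed log shows why the write/admin paths, not just reads, belong in the alert rule.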

CVSS provenance

  • nvd: v3.1 9.8 CRITICAL, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • osv: 9.8 CRITICAL
  • vendor_debian: 9.8, labelled LOW (the Debian tracker's own rating, not the CVSS severity band)