Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2024-30896: Insecure Storage of Sensitive Information in InfluxDB

Severity: 9.1 CRITICAL (NVD)
EPSS: 25.7% (top 3.74%)
CISA KEV: Not in KEV
Exploit: PoC available (public exploit / PoC exists)
Timeline: Published Nov 21; Latest update Apr 8

Description

InfluxDB OSS 2.x through 2.7.11 stores the administrative operator token under the default organization which allows authorized users with read access to the authorization resource of the default organization to retrieve the operator token. InfluxDB OSS 1.x, Enterprise, Cloud, Cloud Dedicated and Clustered are not affected. NOTE: The researcher states that InfluxDB allows allAccess administrators to retrieve all raw tokens via an "influx auth ls" command. The supplier indicates that the organiza

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Exploitability: 2.3 | Impact: 6.0

🔴 Vulnerability Details (2)

GHSA
GHSA-r5vq-m2mp-cpfj: InfluxDB through 2 (2024-11-27)
OSV
CVE-2024-30896: InfluxDB OSS 2 (2024-11-21)

💥 Exploits & PoCs (1)

Exploit-DB
InfluxDB OSS 2.7.11 - Operator Token Privilege Escalation (2025-04-08)

📋 Vendor Advisories (3)

Red Hat
InfluxDB: Privilege Escalation via Authorization Token in InfluxDB (2024-11-21)
Microsoft
InfluxDB OSS 2.x through 2.7.11 stores the administrative operator token under the default organization which allows authorized users with read access to the authorization resource of the default orga (2024-11-12)
Debian
CVE-2024-30896: influxdb - InfluxDB OSS 2.x through 2.7.11 stores the administrative operator token under t... (2024)