The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5451-1 advisory.
– InfluxDB before 1.7.6 has an authentication bypass vulnerability in the authenticate function in services/httpd/handler.go because a JWT token may have an empty SharedSecret (aka shared secret).
(CVE-2019-20933)
Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.Read More