Lucene search
China National Vulnerability DatabaseCNVD-2023-19953HistoryMar 24, 2023 - 12:00 a.m.
MinIO Information Disclosure Vulnerability
2023-03-2400:00:00
China National Vulnerability Database
www.cnvd.org.cn
85
minio
information disclosure
open source
storage server
security vulnerability
environment variables
attack
information leakage
machine learning
analytics
0.865 High
EPSS
Percentile
98.6%
MinIO is an open source object storage server from MinIO, Inc. The product supports building infrastructure for machine learning, analytics, and application data workloads.MinIO is vulnerable to an information disclosure vulnerability that stems from the fact that in a cluster deployment MinIO returns all environment variables, including “MinIO_SSECRET_KEY” and “MinIO_ROOT_PASSWORD”, which can be exploited by attackers to cause information leakage.
Related
ubuntucve
ubuntucve
CVE-2023-28432
2023-03-22 00:00:00
attackerkb
attackerkb
CVE-2023-28432
2023-03-22 00:00:00
cisa_kev
cisa_kev
MinIO Information Disclosure Vulnerability
2023-04-21 00:00:00
githubexploit
githubexploit
cve
cve
CVE-2023-28432
2023-03-22 21:15:18
osv
osv
CVE-2023-28432
2023-03-22 21:15:18
BIT-minio-2023-28432
2024-03-06 10:56:38
veracode
veracode
Information Exposure
2023-03-30 10:29:27
nessus
nessus
MinIO Information Disclosure (CVE-2023-28432)
2024-01-25 00:00:00
MinIO < RELEASE.2023-03-20T20-16-18Z Multiple Vulnerabilities
2023-09-26 00:00:00
prion
prion
Information disclosure
2023-03-22 21:15:00
nvd
nvd
CVE-2023-28432
2023-03-22 21:15:18
cvelist
cvelist
CVE-2023-28432 Minio Information Disclosure in Cluster Deployment
2023-03-22 20:16:38
nuclei
nuclei
MinIO Cluster Deployment - Information Disclosure
2023-03-23 15:45:48
thn
thn
rapid7blog
rapid7blog
Metasploit Wrap-Up 03/15/2024
2024-03-15 18:20:02