Lucene search
FreeBSD80FBE184-2358-11EF-996E-40B034455553HistoryMay 28, 2024 - 12:00 a.m.
minio -- unintentional information disclosure
2024-05-2800:00:00
vuxml.freebsd.org
3
minio
security advisory
information disclosure
anonymous requests
object existence
server
bucket
unix
CVSS3
5.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
AI Score
7
Confidence
Low
Minio security advisory GHSA-95fr-cm4m-q5p9 reports:
when used with anonymous requests by sending a random
object name requests you can figure out if the object
exists or not on the server on a specific bucket and also
gain access to some amount of information.
Related
veracode
veracode
Sensitive Information Disclosure
2024-05-30 12:03:21
osv
osv
CGA-rq5h-44g8-8973
2024-06-06 12:29:23
CVE-2024-36107
2024-05-28 19:15:10
BIT-minio-2024-36107
2024-06-04 09:46:16
nvd
nvd
CVE-2024-36107
2024-05-28 19:15:10
cvelist
cvelist
CVE-2024-36107 Information disclosure in minio
2024-05-28 18:50:51
redhatcve
redhatcve
CVE-2024-36107
2024-05-29 09:49:57
cve
cve
CVE-2024-36107
2024-05-28 19:15:10
github
github
MinIO information disclosure vulnerability
2024-05-29 18:37:14
vulnrichment
vulnrichment
CVE-2024-36107 Information disclosure in minio
2024-05-28 18:50:51
wolfi
wolfi
CVE-2024-36107 vulnerabilities
2024-09-30 09:32:54
redos
redos
ROS-20240807-05
2024-08-07 00:00:00
CVSS3
5.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
AI Score
7
Confidence
Low
Related for 80FBE184-2358-11EF-996E-40B034455553