CVE-2023-28432

Description from NVD

Minio is a Multi-Cloud Object Storage framework. In a cluster deployment starting with RELEASE.2019-12-17T23-16-33Z and prior to RELEASE.2023-03-20T20-16-18Z, MinIO returns all environment variables, including `MINIO_SECRET_KEY` and `MINIO_ROOT_PASSWORD`, resulting in information disclosure. All users of distributed deployment are impacted. All users are advised to upgrade to RELEASE.2023-03-20T20-16-18Z.

Information Acquisition Date:2023-03-24T14:48Z
CVSS 2.0: 0.0 None CVSS 3.x: 7.5 HIGH

NVD References

 https://github.com/minio/minio/security/advisories/GHSA-6xvq-wj2x-3h3q
     source:MISC
     tags:
 https://github.com/minio/minio/releases/tag/RELEASE.2023-03-20T20-16-18Z
     source:MISC
     tags:

This vulnerability may involve a PoC.

Refer to Information on External Sites

CVE InfomationExploits or more Infomation
mitreEXPLOIT DATABASE
NVD0day.today
vulmon.comgithub
CVE DetailsTwitter
JVN ENG JPN
Reconshell

Software Tag:

List of frequently cited URLs

URLNum of Times Referred to
https://cvetrends.com49
https://y4er.com/posts/minio-cve-2023-284324
https://securityonline.info/cve-2023-28432-high-severity-se...4
https://twitter.com/_0xf4n9x_/status/16388675416897617943

▼ Show Information from Twitter(96)

List of frequently cited URLs

URLNum of Times Referred to
cvetrends.com49
y4er.com4
securityonline.info4
twitter.com3

▼ Show Information from Twitter(96)

GitHub Search Results: Up to 10
NameURL
Mr-xn/CVE-2023-28432 https://github.com/Mr-xn/CVE-2023-28432
MzzdToT/CVE-2023-28432 https://github.com/MzzdToT/CVE-2023-28432
gobysec/CVE-2023-28432 https://github.com/gobysec/CVE-2023-28432
Cuerz/CVE-2023-28432 https://github.com/Cuerz/CVE-2023-28432
acheiii/CVE-2023-28432 https://github.com/acheiii/CVE-2023-28432
Okaytc/minio_unauth_check https://github.com/Okaytc/minio_unauth_check
yuyongxr/minio_cve-2023-28432 https://github.com/yuyongxr/minio_cve-2023-28432
steponeerror/Cve-2023-28432- https://github.com/steponeerror/Cve-2023-28432-
Majus527/MinIO_CVE-2023-28432 https://github.com/Majus527/MinIO_CVE-2023-28432
peiqiF4ck/WebFrameworkTools-5.1-main https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main
GitHub Search Results: Up to 10
NameURL
Mr-xn/CVE-2023-28432 github.com
MzzdToT/CVE-2023-28432 github.com
gobysec/CVE-2023-28432 github.com
Cuerz/CVE-2023-28432 github.com
acheiii/CVE-2023-28432 github.com
Okaytc/minio_unauth_check github.com
yuyongxr/minio_cve-2023-28432 github.com
steponeerror/Cve-2023-28432- github.com
Majus527/MinIO_CVE-2023-28432 github.com
peiqiF4ck/WebFrameworkTools-5.1-main github.com
2023/04/06 Score : 0
Added Har-sia Database : 2023/03/23
Last Modified : 2023/04/06
Highest Scored Date : 2023/03/24
Highest Score : 38