CVE-2023-28432

MiniO Information Disclosure Vulnerability (CVE-2023-28432) Notification

March 27, 2023

Overview Recently, NSFOCUS CERT found that MinIO officially issued a security notice, which fixed a MinIO information disclosure vulnerability (CVE-2023-28432). When MiniO is configured in cluster mode, an unauthenticated attacker can ultimately obtain information about all environment variables by constructing a crafted request packet, which allows the attacker to utilize the MINIO_ SECRET_ KEY&MINIO_ ROOT_ […]

Search

Subscribe to the NSFOCUS Blog