logo

CVE-2023-28432 - MinIO Information Disclosure Vulnerability

CVE-2023-28432

MinIO | MinIO

  • Date Added:
  • 2023-04-21
  • Due Date:
  • 2023-05-12
Vulnerability Name

MinIO Information Disclosure Vulnerability

Description

MinIO contains a vulnerability in a cluster deployment where MinIO returns all environment variables, which allows for information disclosure.

Known To Be Used in Ransomware Campaigns?

Unknown

Action

Apply updates per vendor instructions.

Additional Notes
https://github.com/minio/minio/security/advisories/GHSA-6xvq-wj2x-3h3q; https://nvd.nist.gov/vuln/detail/CVE-2023-28432

Free security scan for your website