cvelistv5 - cve-2023-28434

CVE-2023-28434 (GCVE-0-2023-28434)

Vulnerability from cvelistv5

Published

2023-03-22 20:44

Modified

2025-10-21 23:15

Severity ?

8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-269 - Improper Privilege Management

Summary

Minio is a Multi-Cloud Object Storage framework. Prior to RELEASE.2023-03-20T20-16-18Z, an attacker can use crafted requests to bypass metadata bucket name checking and put an object into any bucket while processing `PostPolicyBucket`. To carry out this attack, the attacker requires credentials with `arn:aws:s3:::*` permission, as well as enabled Console API access. This issue has been patched in RELEASE.2023-03-20T20-16-18Z. As a workaround, enable browser API access and turn off `MINIO_BROWSER=off`.

References

URL

	Vendor	Product	Version
	minio	minio	Version: < RELEASE.2023-03-20T20-16-18Z

CISA Known Exploited Vulnerability

Data from the CISA Known Exploited Vulnerabilities Catalog

Date added: 2023-09-19

Due date: 2023-10-10

Required action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Used in ransomware: Unknown

Notes: https://github.com/minio/minio/security/advisories/GHSA-2pxw-r47w-4p8c; https://nvd.nist.gov/vuln/detail/CVE-2023-28434

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T12:38:25.275Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "https://github.com/minio/minio/security/advisories/GHSA-2pxw-r47w-4p8c",
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/minio/minio/security/advisories/GHSA-2pxw-r47w-4p8c"
          },
          {
            "name": "https://github.com/minio/minio/pull/16849",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/minio/minio/pull/16849"
          },
          {
            "name": "https://github.com/minio/minio/commit/67f4ba154a27a1b06e48bfabda38355a010dfca5",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/minio/minio/commit/67f4ba154a27a1b06e48bfabda38355a010dfca5"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-28434",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-28T21:17:47.891249Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2023-09-19",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-28434"
              },
              "type": "kev"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-21T23:15:22.302Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "government-resource"
            ],
            "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-28434"
          }
        ],
        "timeline": [
          {
            "lang": "en",
            "time": "2023-09-19T00:00:00+00:00",
            "value": "CVE-2023-28434 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "minio",
          "vendor": "minio",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c RELEASE.2023-03-20T20-16-18Z"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Minio is a Multi-Cloud Object Storage framework. Prior to RELEASE.2023-03-20T20-16-18Z, an attacker can use crafted requests to bypass metadata bucket name checking and put an object into any bucket while processing `PostPolicyBucket`. To carry out this attack, the attacker requires credentials with `arn:aws:s3:::*` permission, as well as enabled Console API access. This issue has been patched in RELEASE.2023-03-20T20-16-18Z. As a workaround, enable browser API access and turn off `MINIO_BROWSER=off`. \n"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-269",
              "description": "CWE-269: Improper Privilege Management",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-03-22T20:44:04.216Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/minio/minio/security/advisories/GHSA-2pxw-r47w-4p8c",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/minio/minio/security/advisories/GHSA-2pxw-r47w-4p8c"
        },
        {
          "name": "https://github.com/minio/minio/pull/16849",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/minio/minio/pull/16849"
        },
        {
          "name": "https://github.com/minio/minio/commit/67f4ba154a27a1b06e48bfabda38355a010dfca5",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/minio/minio/commit/67f4ba154a27a1b06e48bfabda38355a010dfca5"
        }
      ],
      "source": {
        "advisory": "GHSA-2pxw-r47w-4p8c",
        "discovery": "UNKNOWN"
      },
      "title": "MinIO is vulnerable to privilege escalation on Linux/MacOS"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2023-28434",
    "datePublished": "2023-03-22T20:44:04.216Z",
    "dateReserved": "2023-03-15T15:59:10.053Z",
    "dateUpdated": "2025-10-21T23:15:22.302Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "cisa_known_exploited": {
      "cveID": "CVE-2023-28434",
      "cwes": "[\"CWE-269\"]",
      "dateAdded": "2023-09-19",
      "dueDate": "2023-10-10",
      "knownRansomwareCampaignUse": "Unknown",
      "notes": "https://github.com/minio/minio/security/advisories/GHSA-2pxw-r47w-4p8c;  https://nvd.nist.gov/vuln/detail/CVE-2023-28434",
      "product": "MinIO",
      "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
      "shortDescription": "MinIO contains a security feature bypass vulnerability that allows an attacker to use crafted requests to bypass metadata bucket name checking and put an object into any bucket while processing `PostPolicyBucket` to conduct privilege escalation. To carry out this attack, the attacker requires credentials with `arn:aws:s3:::*` permission, as well as enabled Console API access.",
      "vendorProject": "MinIO",
      "vulnerabilityName": "MinIO Security Feature Bypass Vulnerability"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2023-28434\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2023-03-22T21:15:18.427\",\"lastModified\":\"2025-10-24T14:46:50.390\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Minio is a Multi-Cloud Object Storage framework. Prior to RELEASE.2023-03-20T20-16-18Z, an attacker can use crafted requests to bypass metadata bucket name checking and put an object into any bucket while processing `PostPolicyBucket`. To carry out this attack, the attacker requires credentials with `arn:aws:s3:::*` permission, as well as enabled Console API access. This issue has been patched in RELEASE.2023-03-20T20-16-18Z. As a workaround, enable browser API access and turn off `MINIO_BROWSER=off`. \\n\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}]},\"cisaExploitAdd\":\"2023-09-19\",\"cisaActionDue\":\"2023-10-10\",\"cisaRequiredAction\":\"Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.\",\"cisaVulnerabilityName\":\"MinIO Security Feature Bypass Vulnerability\",\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-269\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:minio:minio:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2023-03-20t20-16-18z\",\"matchCriteriaId\":\"63CBB19F-80FF-4D6B-ADF3-7BD9768861D0\"}]}]}],\"references\":[{\"url\":\"https://github.com/minio/minio/commit/67f4ba154a27a1b06e48bfabda38355a010dfca5\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/minio/minio/pull/16849\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Exploit\",\"Issue Tracking\"]},{\"url\":\"https://github.com/minio/minio/security/advisories/GHSA-2pxw-r47w-4p8c\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://github.com/minio/minio/commit/67f4ba154a27a1b06e48bfabda38355a010dfca5\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/minio/minio/pull/16849\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Issue Tracking\"]},{\"url\":\"https://github.com/minio/minio/security/advisories/GHSA-2pxw-r47w-4p8c\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-28434\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"US Government Resource\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://github.com/minio/minio/security/advisories/GHSA-2pxw-r47w-4p8c\", \"name\": \"https://github.com/minio/minio/security/advisories/GHSA-2pxw-r47w-4p8c\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://github.com/minio/minio/pull/16849\", \"name\": \"https://github.com/minio/minio/pull/16849\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://github.com/minio/minio/commit/67f4ba154a27a1b06e48bfabda38355a010dfca5\", \"name\": \"https://github.com/minio/minio/commit/67f4ba154a27a1b06e48bfabda38355a010dfca5\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T12:38:25.275Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-28434\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-01-28T21:17:47.891249Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2023-09-19\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-28434\"}}}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2023-09-19T00:00:00+00:00\", \"value\": \"CVE-2023-28434 added to CISA KEV\"}], \"references\": [{\"url\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-28434\", \"tags\": [\"government-resource\"]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-01-28T21:16:20.531Z\"}}], \"cna\": {\"title\": \"MinIO is vulnerable to privilege escalation on Linux/MacOS\", \"source\": {\"advisory\": \"GHSA-2pxw-r47w-4p8c\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 8.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"vendor\": \"minio\", \"product\": \"minio\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003c RELEASE.2023-03-20T20-16-18Z\"}]}], \"references\": [{\"url\": \"https://github.com/minio/minio/security/advisories/GHSA-2pxw-r47w-4p8c\", \"name\": \"https://github.com/minio/minio/security/advisories/GHSA-2pxw-r47w-4p8c\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/minio/minio/pull/16849\", \"name\": \"https://github.com/minio/minio/pull/16849\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/minio/minio/commit/67f4ba154a27a1b06e48bfabda38355a010dfca5\", \"name\": \"https://github.com/minio/minio/commit/67f4ba154a27a1b06e48bfabda38355a010dfca5\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Minio is a Multi-Cloud Object Storage framework. Prior to RELEASE.2023-03-20T20-16-18Z, an attacker can use crafted requests to bypass metadata bucket name checking and put an object into any bucket while processing `PostPolicyBucket`. To carry out this attack, the attacker requires credentials with `arn:aws:s3:::*` permission, as well as enabled Console API access. This issue has been patched in RELEASE.2023-03-20T20-16-18Z. As a workaround, enable browser API access and turn off `MINIO_BROWSER=off`. \\n\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-269\", \"description\": \"CWE-269: Improper Privilege Management\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2023-03-22T20:44:04.216Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2023-28434\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-10-21T23:15:22.302Z\", \"dateReserved\": \"2023-03-15T15:59:10.053Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2023-03-22T20:44:04.216Z\", \"assignerShortName\": \"GitHub_M\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

ghsa-2pxw-r47w-4p8c

Vulnerability from github

Published

2023-09-05 15:45

Modified

2025-10-22 19:20

Severity ?

8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:H

Summary

Privilege Escalation on Linux/MacOS

Details

Impact

An attacker can use crafted requests to bypass metadata bucket name checking and put an object into any bucket while processing PostPolicyBucket. To carry out this attack, the attacker requires credentials with arn:aws:s3:::* permission, as well as enabled Console API access.

Patches

``` commit 67f4ba154a27a1b06e48bfabda38355a010dfca5 Author: Aditya Manthramurthy donatello@users.noreply.github.com Date: Sun Mar 19 21:15:20 2023 -0700

fix: post policy request security bypass (#16849)

```

Workarounds

Browser API access must be enabled turning off MINIO_BROWSER=off allows for this workaround.

References

The vulnerable code: go // minio/cmd/generic-handlers.go func setRequestValidityHandler(h http.Handler) http.Handler { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { // ... // For all other requests reject access to reserved buckets bucketName, _ := request2BucketObjectName(r) if isMinioReservedBucket(bucketName) || isMinioMetaBucket(bucketName) { if !guessIsRPCReq(r) && !guessIsBrowserReq(r) && !guessIsHealthCheckReq(r) && !guessIsMetricsReq(r) && !isAdminReq(r) && !isKMSReq(r) { if ok { tc.FuncName = "handler.ValidRequest" tc.ResponseRecorder.LogErrBody = true } writeErrorResponse(r.Context(), w, errorCodes.ToAPIErr(ErrAllAccessDisabled), r.URL) return } } // ...

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/minio/minio"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.0.0-202303200415"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2023-28434"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-269"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2023-09-05T15:45:10Z",
    "nvd_published_at": "2023-03-22T21:15:00Z",
    "severity": "HIGH"
  },
  "details": "### Impact\nAn attacker can use crafted requests to bypass metadata bucket name checking and put an object into any bucket while processing `PostPolicyBucket`. To carry out this attack, the attacker requires credentials with `arn:aws:s3:::*` permission, as well as enabled Console API access.\n\n### Patches\n```\ncommit 67f4ba154a27a1b06e48bfabda38355a010dfca5\nAuthor: Aditya Manthramurthy \u003cdonatello@users.noreply.github.com\u003e\nDate:   Sun Mar 19 21:15:20 2023 -0700\n\n    fix: post policy request security bypass (#16849)\n```\n\n### Workarounds\nBrowser API access must be enabled turning off `MINIO_BROWSER=off` allows for this workaround.\n\n### References\nThe vulnerable code:\n```go\n// minio/cmd/generic-handlers.go\nfunc setRequestValidityHandler(h http.Handler) http.Handler {\n  return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {\n    // ...\n    // For all other requests reject access to reserved buckets\n    bucketName, _ := request2BucketObjectName(r)\n    if isMinioReservedBucket(bucketName) || isMinioMetaBucket(bucketName) {\n      if !guessIsRPCReq(r) \u0026\u0026 !guessIsBrowserReq(r) \u0026\u0026 !guessIsHealthCheckReq(r) \u0026\u0026 !guessIsMetricsReq(r) \u0026\u0026 !isAdminReq(r) \u0026\u0026 !isKMSReq(r) {\n        if ok {\n          tc.FuncName = \"handler.ValidRequest\"\n          tc.ResponseRecorder.LogErrBody = true\n        }\n        writeErrorResponse(r.Context(), w, errorCodes.ToAPIErr(ErrAllAccessDisabled), r.URL)\n        return\n      }\n    }\n    // ...\n```",
  "id": "GHSA-2pxw-r47w-4p8c",
  "modified": "2025-10-22T19:20:02Z",
  "published": "2023-09-05T15:45:10Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/minio/minio/security/advisories/GHSA-2pxw-r47w-4p8c"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28434"
    },
    {
      "type": "WEB",
      "url": "https://github.com/minio/minio/pull/16849"
    },
    {
      "type": "WEB",
      "url": "https://github.com/minio/minio/commit/67f4ba154a27a1b06e48bfabda38355a010dfca5"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/minio/minio"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-28434"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Privilege Escalation on Linux/MacOS"
}

fkie_cve-2023-28434

Vulnerability from fkie_nvd

Published

2023-03-22 21:15

Modified

2025-10-24 14:46

Severity ?

8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
security-advisories@github.com	https://github.com/minio/minio/commit/67f4ba154a27a1b06e48bfabda38355a010dfca5	Patch
security-advisories@github.com	https://github.com/minio/minio/pull/16849	Exploit, Issue Tracking
security-advisories@github.com	https://github.com/minio/minio/security/advisories/GHSA-2pxw-r47w-4p8c	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/minio/minio/commit/67f4ba154a27a1b06e48bfabda38355a010dfca5	Patch
af854a3a-2127-422b-91ae-364da2661108	https://github.com/minio/minio/pull/16849	Exploit, Issue Tracking
af854a3a-2127-422b-91ae-364da2661108	https://github.com/minio/minio/security/advisories/GHSA-2pxw-r47w-4p8c	Vendor Advisory
134c704f-9b21-4f2e-91b3-4a467353bcc0	https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-28434	US Government Resource

Impacted products

	Vendor	Product	Version
	minio	minio	*

JSON

To clipboard

{
  "cisaActionDue": "2023-10-10",
  "cisaExploitAdd": "2023-09-19",
  "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
  "cisaVulnerabilityName": "MinIO Security Feature Bypass Vulnerability",
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:minio:minio:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "63CBB19F-80FF-4D6B-ADF3-7BD9768861D0",
              "versionEndExcluding": "2023-03-20t20-16-18z",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Minio is a Multi-Cloud Object Storage framework. Prior to RELEASE.2023-03-20T20-16-18Z, an attacker can use crafted requests to bypass metadata bucket name checking and put an object into any bucket while processing `PostPolicyBucket`. To carry out this attack, the attacker requires credentials with `arn:aws:s3:::*` permission, as well as enabled Console API access. This issue has been patched in RELEASE.2023-03-20T20-16-18Z. As a workaround, enable browser API access and turn off `MINIO_BROWSER=off`. \n"
    }
  ],
  "id": "CVE-2023-28434",
  "lastModified": "2025-10-24T14:46:50.390",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "security-advisories@github.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-03-22T21:15:18.427",
  "references": [
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Patch"
      ],
      "url": "https://github.com/minio/minio/commit/67f4ba154a27a1b06e48bfabda38355a010dfca5"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Exploit",
        "Issue Tracking"
      ],
      "url": "https://github.com/minio/minio/pull/16849"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://github.com/minio/minio/security/advisories/GHSA-2pxw-r47w-4p8c"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://github.com/minio/minio/commit/67f4ba154a27a1b06e48bfabda38355a010dfca5"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Issue Tracking"
      ],
      "url": "https://github.com/minio/minio/pull/16849"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://github.com/minio/minio/security/advisories/GHSA-2pxw-r47w-4p8c"
    },
    {
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "tags": [
        "US Government Resource"
      ],
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-28434"
    }
  ],
  "sourceIdentifier": "security-advisories@github.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-269"
        }
      ],
      "source": "security-advisories@github.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

wid-sec-w-2023-2261

Vulnerability from csaf_certbund

Published

2023-09-04 22:00

Modified

2023-09-04 22:00

Summary

MinIO: Mehrere Schwachstellen ermöglichen Offenlegung von Informationen

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

MinIO ist ein S3-kompatibler Objektspeicher, der für groß angelegte KI/ML-, Data Lake- und Datenbank-Workloads entwickelt wurde. Er läuft "on-premise" und in jeder Cloud.

Angriff

Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in MinIO ausnutzen, um Informationen offenzulegen.

Betroffene Betriebssysteme

- Linux - MacOS X - Windows - Sonstiges

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "MinIO ist ein S3-kompatibler Objektspeicher, der f\u00fcr gro\u00df angelegte KI/ML-, Data Lake- und Datenbank-Workloads entwickelt wurde. Er l\u00e4uft \"on-premise\" und in jeder Cloud.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in MinIO ausnutzen, um Informationen offenzulegen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux\n- MacOS X\n- Windows\n- Sonstiges",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2023-2261 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2261.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2023-2261 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2261"
      },
      {
        "category": "external",
        "summary": "MinIO Security Notification vom 2023-09-04",
        "url": "https://thehackernews.com/2023/09/hackers-exploit-minio-storage-system.html"
      }
    ],
    "source_lang": "en-US",
    "title": "MinIO: Mehrere Schwachstellen erm\u00f6glichen Offenlegung von Informationen",
    "tracking": {
      "current_release_date": "2023-09-04T22:00:00.000+00:00",
      "generator": {
        "date": "2024-08-15T17:58:02.058+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.5"
        }
      },
      "id": "WID-SEC-W-2023-2261",
      "initial_release_date": "2023-09-04T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2023-09-04T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Open Source MinIO \u003c RELEASE.2023-03-20T20-16-18Z",
            "product": {
              "name": "Open Source MinIO \u003c RELEASE.2023-03-20T20-16-18Z",
              "product_id": "T029711",
              "product_identification_helper": {
                "cpe": "cpe:/a:minio:minio:release.2023-03-20t20-16-18z"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Open Source"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-28434",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in MinIO. Dieser Fehler besteht aufgrund einer unsachgem\u00e4\u00dfen Rechteverwaltung und Inkonsequenz zwischen der Pr\u00fcfung f\u00fcr das Routing von Post-Policy-Anforderungen und der Verhinderung des Zugriffs auf reservierte Buckets. Ein Angreifer kann diese Schwachstelle ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen und seine Privilegien zu erweitern, indem er manipulierte Anfragen verwendet, um die \u00dcberpr\u00fcfung des Metadaten-Bucket-Namens zu umgehen und ein Objekt in einen beliebigen Bucket zu legen, w\u00e4hrend er PostPolicyBucket verarbeitet."
        }
      ],
      "release_date": "2023-09-04T22:00:00.000+00:00",
      "title": "CVE-2023-28434"
    },
    {
      "cve": "CVE-2023-28432",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in MinIO. Dieser Fehler besteht in einem Cluster-Einsatz, da das System alle Umgebungsvariablen zur\u00fcckgibt. Ein Angreifer kann diese Schwachstelle ausnutzen, um vertrauliche Informationen offenzulegen."
        }
      ],
      "release_date": "2023-09-04T22:00:00.000+00:00",
      "title": "CVE-2023-28432"
    }
  ]
}

WID-SEC-W-2023-2261

Vulnerability from csaf_certbund

Published

2023-09-04 22:00

Modified

2023-09-04 22:00

Summary

MinIO: Mehrere Schwachstellen ermöglichen Offenlegung von Informationen

Notes

Produktbeschreibung

MinIO ist ein S3-kompatibler Objektspeicher, der für groß angelegte KI/ML-, Data Lake- und Datenbank-Workloads entwickelt wurde. Er läuft "on-premise" und in jeder Cloud.

Angriff

Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in MinIO ausnutzen, um Informationen offenzulegen.

Betroffene Betriebssysteme

- Linux - MacOS X - Windows - Sonstiges

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "MinIO ist ein S3-kompatibler Objektspeicher, der f\u00fcr gro\u00df angelegte KI/ML-, Data Lake- und Datenbank-Workloads entwickelt wurde. Er l\u00e4uft \"on-premise\" und in jeder Cloud.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in MinIO ausnutzen, um Informationen offenzulegen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux\n- MacOS X\n- Windows\n- Sonstiges",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2023-2261 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2261.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2023-2261 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2261"
      },
      {
        "category": "external",
        "summary": "MinIO Security Notification vom 2023-09-04",
        "url": "https://thehackernews.com/2023/09/hackers-exploit-minio-storage-system.html"
      }
    ],
    "source_lang": "en-US",
    "title": "MinIO: Mehrere Schwachstellen erm\u00f6glichen Offenlegung von Informationen",
    "tracking": {
      "current_release_date": "2023-09-04T22:00:00.000+00:00",
      "generator": {
        "date": "2024-08-15T17:58:02.058+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.5"
        }
      },
      "id": "WID-SEC-W-2023-2261",
      "initial_release_date": "2023-09-04T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2023-09-04T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Open Source MinIO \u003c RELEASE.2023-03-20T20-16-18Z",
            "product": {
              "name": "Open Source MinIO \u003c RELEASE.2023-03-20T20-16-18Z",
              "product_id": "T029711",
              "product_identification_helper": {
                "cpe": "cpe:/a:minio:minio:release.2023-03-20t20-16-18z"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Open Source"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-28434",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in MinIO. Dieser Fehler besteht aufgrund einer unsachgem\u00e4\u00dfen Rechteverwaltung und Inkonsequenz zwischen der Pr\u00fcfung f\u00fcr das Routing von Post-Policy-Anforderungen und der Verhinderung des Zugriffs auf reservierte Buckets. Ein Angreifer kann diese Schwachstelle ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen und seine Privilegien zu erweitern, indem er manipulierte Anfragen verwendet, um die \u00dcberpr\u00fcfung des Metadaten-Bucket-Namens zu umgehen und ein Objekt in einen beliebigen Bucket zu legen, w\u00e4hrend er PostPolicyBucket verarbeitet."
        }
      ],
      "release_date": "2023-09-04T22:00:00.000+00:00",
      "title": "CVE-2023-28434"
    },
    {
      "cve": "CVE-2023-28432",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in MinIO. Dieser Fehler besteht in einem Cluster-Einsatz, da das System alle Umgebungsvariablen zur\u00fcckgibt. Ein Angreifer kann diese Schwachstelle ausnutzen, um vertrauliche Informationen offenzulegen."
        }
      ],
      "release_date": "2023-09-04T22:00:00.000+00:00",
      "title": "CVE-2023-28432"
    }
  ]
}

var-202303-1848

Vulnerability from variot

Minio is a Multi-Cloud Object Storage framework. Prior to RELEASE.2023-03-20T20-16-18Z, an attacker can use crafted requests to bypass metadata bucket name checking and put an object into any bucket while processing PostPolicyBucket. To carry out this attack, the attacker requires credentials with arn:aws:s3:::* permission, as well as enabled Console API access. This issue has been patched in RELEASE.2023-03-20T20-16-18Z. As a workaround, enable browser API access and turn off MINIO_BROWSER=off. Minio Inc. of Minio Exists in unspecified vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202303-1848",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "minio",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "minio",
        "version": "2023-03-20t20-16-18z"
      },
      {
        "model": "minio",
        "scope": null,
        "trust": 0.8,
        "vendor": "minio",
        "version": null
      },
      {
        "model": "minio",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "minio",
        "version": null
      },
      {
        "model": "minio",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "minio",
        "version": "2023-03-20t20-16-18z"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-005843"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-28434"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:minio:minio:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "2023-03-20t20-16-18z",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2023-28434"
      }
    ]
  },
  "cve": "CVE-2023-28434",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "NVD",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 2.8,
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "trust": 2.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 8.8,
            "baseSeverity": "High",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2023-28434",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "Low",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2023-28434",
            "trust": 1.8,
            "value": "HIGH"
          },
          {
            "author": "security-advisories@github.com",
            "id": "CVE-2023-28434",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202303-1792",
            "trust": 0.6,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-005843"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202303-1792"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-28434"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-28434"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Minio is a Multi-Cloud Object Storage framework. Prior to RELEASE.2023-03-20T20-16-18Z, an attacker can use crafted requests to bypass metadata bucket name checking and put an object into any bucket while processing `PostPolicyBucket`. To carry out this attack, the attacker requires credentials with `arn:aws:s3:::*` permission, as well as enabled Console API access. This issue has been patched in RELEASE.2023-03-20T20-16-18Z. As a workaround, enable browser API access and turn off `MINIO_BROWSER=off`. Minio Inc. of Minio Exists in unspecified vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2023-28434"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-005843"
      },
      {
        "db": "VULMON",
        "id": "CVE-2023-28434"
      }
    ],
    "trust": 1.71
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2023-28434",
        "trust": 3.3
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-005843",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202303-1792",
        "trust": 0.6
      },
      {
        "db": "VULMON",
        "id": "CVE-2023-28434",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2023-28434"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-005843"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202303-1792"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-28434"
      }
    ]
  },
  "id": "VAR-202303-1848",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VARIoT devices database",
        "id": null
      }
    ],
    "trust": 0.18899521
  },
  "last_update_date": "2024-06-26T23:18:41.829000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "MinIO Security vulnerabilities",
        "trust": 0.6,
        "url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=230916"
      },
      {
        "title": "",
        "trust": 0.1,
        "url": "https://github.com/mr-xn/cve-2023-28434 "
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2023-28434"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202303-1792"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-noinfo",
        "trust": 1.0
      },
      {
        "problemtype": "Lack of information (CWE-noinfo) [NVD evaluation ]",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-005843"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-28434"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.5,
        "url": "https://github.com/minio/minio/security/advisories/ghsa-2pxw-r47w-4p8c"
      },
      {
        "trust": 2.5,
        "url": "https://github.com/minio/minio/pull/16849"
      },
      {
        "trust": 2.5,
        "url": "https://github.com/minio/minio/commit/67f4ba154a27a1b06e48bfabda38355a010dfca5"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2023-28434"
      },
      {
        "trust": 0.8,
        "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
      },
      {
        "trust": 0.6,
        "url": "https://cxsecurity.com/cveshow/cve-2023-28434/"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/269.html"
      },
      {
        "trust": 0.1,
        "url": "https://github.com/mr-xn/cve-2023-28434"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2023-28434"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-005843"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202303-1792"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-28434"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULMON",
        "id": "CVE-2023-28434"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-005843"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202303-1792"
      },
      {
        "db": "NVD",
        "id": "CVE-2023-28434"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2023-03-22T00:00:00",
        "db": "VULMON",
        "id": "CVE-2023-28434"
      },
      {
        "date": "2023-11-10T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2023-005843"
      },
      {
        "date": "2023-03-22T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202303-1792"
      },
      {
        "date": "2023-03-22T21:15:18.427000",
        "db": "NVD",
        "id": "CVE-2023-28434"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2023-03-23T00:00:00",
        "db": "VULMON",
        "id": "CVE-2023-28434"
      },
      {
        "date": "2023-11-10T04:23:00",
        "db": "JVNDB",
        "id": "JVNDB-2023-005843"
      },
      {
        "date": "2023-03-29T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202303-1792"
      },
      {
        "date": "2024-06-21T16:12:41.387000",
        "db": "NVD",
        "id": "CVE-2023-28434"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202303-1792"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Minio\u00a0Inc.\u00a0 of \u00a0Minio\u00a0 Vulnerability in",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2023-005843"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "other",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202303-1792"
      }
    ],
    "trust": 0.6
  }
}

gsd-2023-28434

Vulnerability from gsd

Modified

2023-12-13 01:20

Details

Aliases

CVE-2023-28434

Aliases

CVE-2023-28434

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2023-28434",
    "id": "GSD-2023-28434"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2023-28434"
      ],
      "details": "Minio is a Multi-Cloud Object Storage framework. Prior to RELEASE.2023-03-20T20-16-18Z, an attacker can use crafted requests to bypass metadata bucket name checking and put an object into any bucket while processing `PostPolicyBucket`. To carry out this attack, the attacker requires credentials with `arn:aws:s3:::*` permission, as well as enabled Console API access. This issue has been patched in RELEASE.2023-03-20T20-16-18Z. As a workaround, enable browser API access and turn off `MINIO_BROWSER=off`.",
      "id": "GSD-2023-28434",
      "modified": "2023-12-13T01:20:47.288588Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security-advisories@github.com",
        "ID": "CVE-2023-28434",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "minio",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "\u003c RELEASE.2023-03-20T20-16-18Z"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "minio"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Minio is a Multi-Cloud Object Storage framework. Prior to RELEASE.2023-03-20T20-16-18Z, an attacker can use crafted requests to bypass metadata bucket name checking and put an object into any bucket while processing `PostPolicyBucket`. To carry out this attack, the attacker requires credentials with `arn:aws:s3:::*` permission, as well as enabled Console API access. This issue has been patched in RELEASE.2023-03-20T20-16-18Z. As a workaround, enable browser API access and turn off `MINIO_BROWSER=off`."
          }
        ]
      },
      "impact": {
        "cvss": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "cweId": "CWE-269",
                "lang": "eng",
                "value": "CWE-269: Improper Privilege Management"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://github.com/minio/minio/security/advisories/GHSA-2pxw-r47w-4p8c",
            "refsource": "MISC",
            "url": "https://github.com/minio/minio/security/advisories/GHSA-2pxw-r47w-4p8c"
          },
          {
            "name": "https://github.com/minio/minio/pull/16849",
            "refsource": "MISC",
            "url": "https://github.com/minio/minio/pull/16849"
          },
          {
            "name": "https://github.com/minio/minio/commit/67f4ba154a27a1b06e48bfabda38355a010dfca5",
            "refsource": "MISC",
            "url": "https://github.com/minio/minio/commit/67f4ba154a27a1b06e48bfabda38355a010dfca5"
          }
        ]
      },
      "source": {
        "advisory": "GHSA-2pxw-r47w-4p8c",
        "discovery": "UNKNOWN"
      }
    },
    "gitlab.com": {
      "advisories": [
        {
          "affected_range": "\u003cv2023-03-20t20-16-18z",
          "affected_versions": "All versions before 2023-03-20t20-16-18z",
          "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "cwe_ids": [
            "CWE-1035",
            "CWE-937"
          ],
          "date": "2023-03-28",
          "description": "Minio is a Multi-Cloud Object Storage framework. Prior to RELEASE.2023-03-20T20-16-18Z, an attacker can use crafted requests to bypass metadata bucket name checking and put an object into any bucket while processing `PostPolicyBucket`. To carry out this attack, the attacker requires credentials with `arn:aws:s3:::*` permission, as well as enabled Console API access. This issue has been patched in RELEASE.2023-03-20T20-16-18Z. As a workaround, enable browser API access and turn off `MINIO_BROWSER=off`.",
          "fixed_versions": [
            "v2023-03-20t20-16-18z"
          ],
          "identifier": "CVE-2023-28434",
          "identifiers": [
            "CVE-2023-28434",
            "GHSA-2pxw-r47w-4p8c"
          ],
          "not_impacted": "",
          "package_slug": "go/github.com/minio/minio",
          "pubdate": "2023-03-22",
          "solution": "Upgrade to version 2023-03-20t20-16-18z or above.",
          "title": "Privilege Escalation on Linux/MacOS",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2023-28434",
            "https://github.com/minio/minio/security/advisories/GHSA-2pxw-r47w-4p8c",
            "https://github.com/minio/minio/pull/16849",
            "https://github.com/minio/minio/commit/67f4ba154a27a1b06e48bfabda38355a010dfca5"
          ],
          "uuid": "805203cd-db82-41ce-8028-2443cd5d0194",
          "versions": []
        }
      ]
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:minio:minio:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "2023-03-20t20-16-18z",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "security-advisories@github.com",
          "ID": "CVE-2023-28434"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Minio is a Multi-Cloud Object Storage framework. Prior to RELEASE.2023-03-20T20-16-18Z, an attacker can use crafted requests to bypass metadata bucket name checking and put an object into any bucket while processing `PostPolicyBucket`. To carry out this attack, the attacker requires credentials with `arn:aws:s3:::*` permission, as well as enabled Console API access. This issue has been patched in RELEASE.2023-03-20T20-16-18Z. As a workaround, enable browser API access and turn off `MINIO_BROWSER=off`."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-noinfo"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/minio/minio/security/advisories/GHSA-2pxw-r47w-4p8c",
              "refsource": "MISC",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://github.com/minio/minio/security/advisories/GHSA-2pxw-r47w-4p8c"
            },
            {
              "name": "https://github.com/minio/minio/pull/16849",
              "refsource": "MISC",
              "tags": [
                "Exploit",
                "Issue Tracking"
              ],
              "url": "https://github.com/minio/minio/pull/16849"
            },
            {
              "name": "https://github.com/minio/minio/commit/67f4ba154a27a1b06e48bfabda38355a010dfca5",
              "refsource": "MISC",
              "tags": [
                "Patch"
              ],
              "url": "https://github.com/minio/minio/commit/67f4ba154a27a1b06e48bfabda38355a010dfca5"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 2.8,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2023-03-28T16:24Z",
      "publishedDate": "2023-03-22T21:15Z"
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2023-28434 (GCVE-0-2023-28434)

Vulnerability from cvelistv5

CISA Known Exploited Vulnerability

Data from the CISA Known Exploited Vulnerabilities Catalog

ghsa-2pxw-r47w-4p8c

Vulnerability from github

Impact

Patches

Workarounds

References

fkie_cve-2023-28434

Vulnerability from fkie_nvd

wid-sec-w-2023-2261

Vulnerability from csaf_certbund

WID-SEC-W-2023-2261

Vulnerability from csaf_certbund

var-202303-1848

Vulnerability from variot

gsd-2023-28434

Vulnerability from gsd

Tags

Sightings

Nomenclature