Lucene search
+L

5 matches found

RedhatCVE
RedhatCVE
added 2025/03/02 9:19 p.m.16 views

CVE-2025-27414

A flaw was found in MinIO. An incorrect evaluation of the SSH key used in an SFTP connection when using LDAP as an external identity provider with a user with no sshPublicKey property allows an attacker to perform any FTP operations like reading, writing, deleting and listing objects, resulting i...

7.4CVSS6.3AI score0.00512EPSS
Exploits0References6
NVD
NVD
added 2025/02/28 9:15 p.m.46 views

CVE-2025-27414

MinIO is a high performance object storage. Starting in RELEASE.2024-06-06T09-36-42Z and prior to RELEASE.2025-02-28T09-55-16Z, a bug in evaluating the trust of the SSH key used in an SFTP connection to MinIO allows authentication bypass and unauthorized data access. On a MinIO server with SFTP...

8.2CVSS0.00512EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/02/28 9:6 p.m.47 views

CVE-2025-27414 MinIO SFTP authentication bypass due to improperly trusted SSH key

MinIO is a high performance object storage. Starting in RELEASE.2024-06-06T09-36-42Z and prior to RELEASE.2025-02-28T09-55-16Z, a bug in evaluating the trust of the SSH key used in an SFTP connection to MinIO allows authentication bypass and unauthorized data access. On a MinIO server with SFTP...

8.2CVSS0.00512EPSS
Exploits0References3
CVE
CVE
added 2025/02/28 9:6 p.m.125 views

CVE-2025-27414

CVE-2025-27414 concerns MinIO SFTP authentication, where a bug in evaluating the trust of an SSH key used for LDAP-backed SFTP access can allow unauthorized data access. A MinIO server configured for SFTP with LDAP, and a user (or a group) whose LDAP entry lacks the sshPublicKey attribute, can ca...

8.2CVSS7.1AI score0.00512EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/02/28 9:6 p.m.10 views

CVE-2025-27414 MinIO SFTP authentication bypass due to improperly trusted SSH key

MinIO is a high performance object storage. Starting in RELEASE.2024-06-06T09-36-42Z and prior to RELEASE.2025-02-28T09-55-16Z, a bug in evaluating the trust of the SSH key used in an SFTP connection to MinIO allows authentication bypass and unauthorized data access. On a MinIO server with SFTP...

8.2CVSS6.5AI score0.00512EPSS
Exploits0References3
Rows per page
Query Builder