Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2024/12/17 12:20 a.m.17 views

CVE-2024-55949

A flaw was found in MinIO. Due to insufficient permissions checking in the IAM import API, a user may be able to change their policy mapping to escalate their privileges via a specially crafted configuration file...

8.1CVSS6.3AI score0.00716EPSS
Exploits0References7
CVE
CVE
added 2024/12/16 8:2 p.m.4129 views

CVE-2024-55949

MinIO is affected by a privilege-escalation flaw in the IAM import API. The issue impacts all users since the commit 580d9db85e04f1b63cc2909af50f0ed08afa965f, with a fix introduced in commit f246c9053f9603e610d98439799bdd2a6b293427 and released in RELEASE.2024-12-13T22-19-12Z. There are no workar...

9.3CVSS6.7AI score0.00716EPSS
Exploits0References4
Exploit DB
Exploit DB
added 2024/04/12 12:0 a.m.269 views

MinIO < 2024-01-31T20-20-33Z - Privilege Escalation

Exploit Title: MinIO 2024-01-31T20-20-33Z - Privilege Escalation Date: 2024-04-11 Exploit Author: Jenson Zhao Vendor Homepage: https://min.io/ Software Link: https://github.com/minio/minio/ Version: Up to excluding RELEASE.2024-01-31T20-20-33Z Tested on: Windows 10 CVE : CVE-2024-24747 Required...

8.8CVSS8.7AI score0.34086EPSS
Exploits4
Vulnrichment
Vulnrichment
added 2023/03/22 8:33 p.m.13 views

CVE-2023-28433 Minio Privilege Escalation on Windows via Path separator manipulation

Minio is a Multi-Cloud Object Storage framework. All users on Windows prior to version RELEASE.2023-03-20T20-16-18Z are impacted. MinIO fails to filter the \ character, which allows for arbitrary object placement across buckets. As a result, a user with low privileges, such as an access key,...

8.8CVSS8.6AI score0.00981EPSS
Exploits0References4
Rows per page
Query Builder