Versions (5)
Version DetailsCurrent
Rev: 1 • Sep 5, 2023, 12:00 PMET WEB_SPECIFIC_APPS MinIO Information Disclosure Attempt (CVE-2023-28432)
alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET WEB_SPECIFIC_APPS MinIO Information Disclosure Attempt (CVE-2023-28432)"; flow:established, to_server; http.method; content:"POST"; http.uri; content:"/minio/bootstrap/v1/verify"; fast_pattern; reference:url,www.securityjoes.com/post/new-attack-vector-in-the-cloud-attackers-caught-exploiting-object-storage-services; reference:cve,2023-28432; classtype:attempted-admin; sid:2047923; rev:1; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2023_09_05, cve CVE_2023_28432, deployment Perimeter, deployment SSLDecrypt, confidence High, signature_severity Major, tag CISA_KEV, updated_at 2023_09_05, reviewed_at 2024_10_02, mitre_tactic_id TA0007, mitre_tactic_name Discovery, mitre_technique_id T1082, mitre_technique_name System_Information_Discovery; target:dest_ip;)
Sep 5, 2023, 12:00 PM
Sep 5, 2023, 12:00 PM
Sep 21, 2024, 3:00 AM
Sep 21, 2024, 3:00 AM
rules/emerging-web_specific_apps.rules