← Volver a CVEs
CVE-2026-24762
HIGH7.5
Descripcion
RustFS is a distributed object storage system built in Rust. From versions alpha.13 to alpha.81, RustFS logs sensitive credential material (access key, secret key, session token) to application logs at INFO level. This results in credentials being recorded in plaintext in log output, which may be accessible to internal or external log consumers and could lead to compromise of sensitive credentials. This issue has been patched in version alpha.82.
Detalles CVE
Puntuacion CVSS v3.17.5
SeveridadHIGH
Vector CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Vector de ataqueNETWORK
ComplejidadLOW
Privilegios requeridosNONE
Interaccion usuarioNONE
Publicado2/3/2026
Ultima modificacion2/23/2026
Fuentenvd
Avistamientos honeypot0
Productos afectados
rustfs:rustfs
Debilidades (CWE)
CWE-532
Referencias
https://github.com/rustfs/rustfs/security/advisories/GHSA-r54g-49rx-98cr(security-advisories@github.com)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.