CVE-2023-43040

MEDIUM

IBM Spectrum Fusion HCI 2.5.2-2.7.2 - Privilege Escalation

Exploitation Summary

EIP tracks 1 public exploit for CVE-2023-43040. PoCs published by riza.

AI-analyzed exploit summary

The repository contains a functional PoC exploit for CVE-2023-43040, which allows unauthorized object uploads to any bucket accessible by a specified access key in RADOS Gateway (RGW). The exploit leverages improper bucket validation in POST policies to bypass intended restrictions.

Description

IBM Spectrum Fusion HCI 2.5.2 through 2.7.2 could allow an attacker to perform unauthorized actions in RGW for Ceph due to improper bucket access. IBM X-Force ID: 266807.

Exploits (1)

nomisec WORKING POC
by riza · poc
https://github.com/riza/CVE-2023-43040

Classification Working PoC (95%)
Attack Type Auth Bypass
Complexity Moderate
Reliability Reliable
Target Ceph RADOS Gateway (RGW) S3
Auth required Yes
Prerequisites Valid RGW access key and secret key · Network access to the RGW S3 endpoint
Analyzed by devstral-2 · Feb 18, 2026

Scores

CVSS v3 6.5
EPSS 0.0254
EPSS Percentile 82.9%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:L

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-1220
Status published
Products (1)
ibm/storage_fusion_hci 2.5.2 - 2.8.0
Published May 14, 2024
Tracked Since Feb 18, 2026