Platform
nodejs
Component
@backstage/plugin-techdocs-backend
Fixed in
1.10.14
1.10.13
CVE-2024-45816 describes a Directory Traversal vulnerability affecting the @backstage/plugin-techdocs-backend package. This flaw allows unauthorized access to the contents of AWS S3 or Google Cloud Storage (GCS) buckets used by TechDocs, potentially exposing sensitive data. The vulnerability impacts versions prior to 1.10.13 and has been resolved in the 1.10.13 release.
The primary impact of CVE-2024-45816 is the potential for unauthorized data disclosure. When using AWS S3 or GCS as the storage provider for TechDocs, an attacker can leverage this vulnerability to traverse directories within the storage bucket and access files they shouldn't be able to see. This bypasses the intended permission checks within Backstage, allowing access to potentially confidential documents, configuration files, or other sensitive data stored in the bucket. The blast radius extends to any data stored in the bucket, regardless of its intended access level. This vulnerability is particularly concerning as it could lead to data breaches and compromise the integrity of the Backstage environment.
This vulnerability was publicly disclosed on 2024-09-17. There are currently no known public exploits or active campaigns targeting this specific vulnerability. It is not listed on the CISA KEV catalog at the time of writing. The ease of exploitation depends on the configuration of the S3/GCS bucket and the permissions granted to the TechDocs backend.
Organizations utilizing Backstage with the TechDocs plugin and relying on AWS S3 or Google Cloud Storage for document storage are at risk. This includes development teams, documentation engineers, and DevOps professionals responsible for managing Backstage deployments. Shared hosting environments or deployments with overly permissive S3/GCS bucket configurations are particularly vulnerable.
• nodejs / supply-chain:
npm list @backstage/plugin-techdocs-backend
# Check version. If < 1.10.13, vulnerable.
• generic web:
curl -I <techdocs_api_endpoint>/path/to/unintended/file.txt
# Check for 200 OK response. Indicates potential access.
disclosure
Exploit status
EPSS
0.21% (43rd percentile)
CISA SSVC
CVSS vector
The recommended mitigation for CVE-2024-45816 is to immediately upgrade the @backstage/plugin-techdocs-backend package to version 1.10.13 or later. If an immediate upgrade is not feasible due to compatibility issues or breaking changes, consider restricting access to the S3 or GCS bucket using stricter IAM policies and bucket permissions. Implement network-level controls to limit access to the bucket from unauthorized sources. Regularly review and audit bucket access logs to identify any suspicious activity. While a direct detection signature is difficult to create, monitor S3/GCS access logs for unusual patterns of directory traversal attempts.
Update the `@backstage/plugin-techdocs-backend` package to version 1.10.13 or later. This fixes the directory traversal vulnerability in the storage bucket. Run `npm install @backstage/plugin-techdocs-backend@latest` or `yarn upgrade @backstage/plugin-techdocs-backend@latest` to update.
CVE-2024-45816 is a Directory Traversal vulnerability in the @backstage/plugin-techdocs-backend package, allowing unauthorized access to files in AWS S3 or GCS storage buckets.
You are affected if you are using @backstage/plugin-techdocs-backend versions prior to 1.10.13 and utilize AWS S3 or Google Cloud Storage for TechDocs storage.
Upgrade the @backstage/plugin-techdocs-backend package to version 1.10.13 or later. Consider stricter S3/GCS bucket access controls as an interim measure.
As of September 2024, there are no confirmed reports of active exploitation, but the vulnerability's ease of exploitation warrants caution.
Refer to the Backstage repository on GitHub: https://github.com/backstage/backstage