Rancher Backup Operator S3 Token Leakage Vulnerability

Vulnerability

A vulnerability in the Rancher Backup Operator has been identified that allows S3 credentials (the accessKey and secretKey) to be written to the logs of the rancher-backup-operator pod. This issue affects versions 6.0.0 prior to 6.0.3, 7.0.0 prior to 7.0.5, 8.0.0 prior to 8.1.2, and 9.0.0 prior to 9.0.1. Which value leaks depends on the logging level: the accessKey is exposed at the default logging level, while the secretKey is exposed only when the logging level has been changed from the default.

Impact

The vulnerability leads to the unintentional exposure of sensitive S3 credentials in pod logs, which could be exploited to gain unauthorized access to S3 resources.

Remediation

Users should upgrade to Rancher Backup Operator version 9.0.1, 8.1.2, 7.0.5, or 6.0.3, whichever corresponds to their release line. After upgrading, it is recommended to rotate the S3 accessKey and secretKey, especially if pod logs were exported or forwarded to an external system. For air-gapped Rancher clusters, Rancher itself must be updated before the patched version of the Rancher Backup chart becomes available. Users who cannot update either Rancher or Rancher Backup should ensure that the debug and trace logging levels remain set to false (the default) to prevent the leak.
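The following is an added example, not code from the advisory or from the Rancher project. It does the two checks a defender would want after reading the sections above: it tests an installed Backup Operator version against the affected ranges stated in this advisory, and it scans a set of pod log lines for the accessKey and secretKey fields so that any exposed credentials can be rotated. The log lines and the key=value log format are constructed assumptions; the real operator's log layout may differ, so adjust the pattern to match it. Matched values are redacted before being returned so the script itself never re-emits a full secret.

```python
"""Added example (not part of the advisory): version check and log scan for the
Rancher Backup Operator S3 credential leak. Log samples and log format below
are constructed for illustration."""
import re
from typing import List, Optional, Tuple

# Affected ranges from the advisory: [first affected, first fixed)
AFFECTED_RANGES = [
    ("6.0.0", "6.0.3"),
    ("7.0.0", "7.0.5"),
    ("8.0.0", "8.1.2"),
    ("9.0.0", "9.0.1"),
]


def parse_version(v: str) -> Tuple[int, ...]:
    """Turn 'v8.1.1', '8.1.1-rc1' or '8.1.1+build' into a comparable tuple."""
    core = v.lstrip("v").split("-", 1)[0].split("+", 1)[0]
    return tuple(int(p) for p in core.split("."))


def fixed_version_for(version: str) -> Optional[str]:
    """Return the first fixed release for an affected version, else None."""
    ver = parse_version(version)
    for lo, hi in AFFECTED_RANGES:
        if parse_version(lo) <= ver < parse_version(hi):
            return hi
    return None


def is_affected(version: str) -> bool:
    return fixed_version_for(version) is not None


# The advisory names the leaked fields accessKey and secretKey. The field=value
# log layout matched here is an assumption, not the operator's documented format.
CRED_PATTERN = re.compile(
    r'(?P<field>accessKey|secretKey)\s*[:=]\s*"?(?P<value>[A-Za-z0-9/+=_-]{8,})"?'
)


def redact(value: str) -> str:
    """Keep just enough of a value to identify which key to rotate."""
    return value[:4] + "..." + value[-2:]


def find_leaked_credentials(log_lines: List[str]) -> List[Tuple[int, str, str]]:
    """Return (line_number, field, redacted_value) for every leaked field."""
    findings = []
    for n, line in enumerate(log_lines, start=1):
        for m in CRED_PATTERN.finditer(line):
            findings.append((n, m.group("field"), redact(m.group("value"))))
    return findings


# Constructed sample log lines (not real operator output). The debug/trace
# lines stand in for the conditions under which the advisory says keys leak.
SAMPLE_LOG = [
    'time="2026-03-04T16:20:00Z" level=info msg="starting backup" backup=nightly',
    'time="2026-03-04T16:20:01Z" level=debug msg="s3 client" accessKey=EXAMPLEACCESSKEY0001 bucket=rancher-backups',
    'time="2026-03-04T16:20:01Z" level=trace msg="s3 config" secretKey=EXAMPLESECRETKEYwJalrXUtnFEMI endpoint=s3.example.internal',
    'time="2026-03-04T16:20:05Z" level=info msg="backup complete"',
]


if __name__ == "__main__":
    installed = "8.1.1"  # assumed installed chart version for the demo
    fix = fixed_version_for(installed)
    if fix:
        print(f"version {installed} is affected; upgrade to {fix}")
    else:
        print(f"version {installed} is not in an affected range")
    # In a live cluster, feed in the output of:
    #   kubectl logs -n cattle-resources-system deploy/rancher-backup
    for line_no, field, shown in find_leaked_credentials(SAMPLE_LOG):
        print(f"line {line_no}: {field} present in logs ({shown}); rotate this key")
```

Any finding from the log scan means the key has left the operator's memory and should be treated as compromised and rotated, regardless of whether the chart has since been upgraded.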

Added: Mar 4, 2026, 4:20 PM
Updated: Mar 4, 2026, 6:26 PM

Vulnerability Rating

Custom Algorithm

  spread          0.0
  impact          2.5
  exploitability  4.8
  remediation     0.0
  relevance       3.5
  threat          0.0
  urgency         2.9
  incentive       0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.