PrefectHQ Prefect
cpe:2.3:a:prefect:prefect:*:*:*:*:*:*:*
- 3.6.19
An authentication bypass exists in Prefect 3.6.19. The server's authentication middleware exempts health check probes by URL path, but the match is a suffix test: any path ending in 'health' or 'ready' skips authentication, not just the probe endpoints themselves. Several API endpoints look resources up by name, so a resource whose name ends in 'health' or 'ready' produces a request path that satisfies the exemption and can be read without credentials. Affected endpoints include those for variables, flows, work pools, work queues and deployments. Prefect Variables are the most sensitive of these, since they commonly hold API keys and database credentials.
Creating such a resource still requires a valid token, but reading it does not: anyone who can reach the API can retrieve any variable, flow, work pool, work queue or deployment whose name ends in one of the two suffixes, whatever the reason for that name. In shared or cloud environments this lets a network-accessible attacker harvest credentials stored in Variables, and it lets a low-privileged user who can create resources deliberately expose them to unauthenticated parties.
To reproduce, start a Prefect server running 3.6.19 with authentication enabled and confirm the middleware is active: an unauthenticated request to a protected endpoint must return 401. Using a valid authorization token, create a variable whose name ends in 'health' or 'ready'. Then request that variable through the endpoint that looks variables up by name, sending no Authorization header. The server returns the variable with a 200 rather than a 401, which demonstrates the bypass; the same steps apply to the other name-addressed resource types. The check can also be bypassed by manipulating the Host header to spoof the request path.
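The exemption rule described above and the reproduction steps, modelled as an added example that is not Prefect's own code. The flawed suffix test is placed beside an exact-match allowlist of the form the fix requires, a simulated middleware replays the name-based requests against both rules, and a small detector flags unauthenticated 200s on suffix-matching paths in an access log. The probe paths (/api/health, /api/ready), the name-based route shapes, the token value and the log format are assumptions made for illustration.

```python
"""Model of the Prefect 3.6.19 probe-path exemption described above.

Added example, not Prefect's code: the rule and the fix are written from the
advisory's description. The probe paths, the name-based route shapes and the
access-log format are assumptions made for illustration.
"""
from typing import Callable, List, Optional, Tuple

# Assumed exact paths of the real liveness/readiness probes.
PROBE_PATHS = frozenset({"/api/health", "/api/ready"})

VALID_TOKEN = "valid-token"  # stand-in for a real API token


def is_exempt_vulnerable(path: str) -> bool:
    """The flawed rule: any path ending in a probe name skips authentication,
    so /api/variables/name/db_creds_health is exempt along with /api/health."""
    return path.endswith("health") or path.endswith("ready")


def is_exempt_fixed(path: str) -> bool:
    """Exact allowlist: only the probe endpoints themselves are exempt."""
    return path.rstrip("/") in PROBE_PATHS


def handle(path: str, token: Optional[str], exempt: Callable[[str], bool]) -> int:
    """Simulated middleware: 200 if the path is exempt or the token is valid,
    otherwise 401. Only the exemption rule differs between the two versions."""
    if exempt(path):
        return 200
    return 200 if token == VALID_TOKEN else 401


def reproduce() -> dict:
    """Replays the advisory's steps without a token against both rules:
    {path: (status_vulnerable, status_fixed)}."""
    paths = [
        "/api/health",                           # real probe: exempt in both
        "/api/variables/name/db_creds",          # ordinary name: 401 in both
        "/api/variables/name/db_creds_health",   # suffix abuse: 200 only when vulnerable
        "/api/deployments/name/etl/prod-ready",  # same for deployments
    ]
    return {p: (handle(p, None, is_exempt_vulnerable),
                handle(p, None, is_exempt_fixed)) for p in paths}


# Constructed access log (not real Prefect output): client, method, path,
# status, and whether an Authorization header was present ("auth" or "-").
CONSTRUCTED_LOG = """\
10.0.0.5 GET /api/health 200 -
10.0.0.9 GET /api/variables/name/db_creds_health 200 -
10.0.0.9 GET /api/variables/name/db_creds 401 -
10.0.0.9 GET /api/variables/name/db_creds 200 auth
10.0.0.9 GET /api/deployments/name/etl/prod-ready 200 -
"""


def suspicious_probe_hits(log_text: str) -> List[Tuple[str, str]]:
    """Detection: unauthenticated 200s on paths that match the flawed suffix
    rule but are not the real probes. Returns (client, path) pairs."""
    hits = []
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 5:
            continue
        client, _method, path, status, auth = fields
        if (status == "200" and auth == "-"
                and is_exempt_vulnerable(path) and not is_exempt_fixed(path)):
            hits.append((client, path))
    return hits


if __name__ == "__main__":
    for path, (vuln, fixed) in reproduce().items():
        print(f"{path:42} vulnerable={vuln} fixed={fixed}")
    print("suspicious:", suspicious_probe_hits(CONSTRUCTED_LOG))
```

The detector is the check a responder would want before the upgrade lands: unauthenticated 200s on paths that only the suffix rule would exempt show whether a name-based lookup was already abused, and which client did it.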
Upgrade to Prefect 3.6.22 or later, which fixes this issue. Because the exposure depends only on a resource's name, also review existing variables, flows, work pools, work queues and deployments whose names end in 'health' or 'ready', and rotate any secrets held in such variables, since they may already have been read without authentication.