Apache Polaris Google Cloud Storage Credential Escalation Vulnerability
Vulnerability
A vulnerability in Apache Polaris prior to 1.4.1 allows for the unauthorized broadening of Google Cloud Storage (GCS) credentials. Polaris is designed to issue short-lived GCS credentials that are restricted to a specific table's files. However, due to improper handling of namespace and table identifiers, a crafted identifier can manipulate the credentials to access files across the entire configured bucket. This issue arises because the table path, which is derived from namespace and table identifiers, is inserted into the Conditional Expression Language (CEL) string without proper escaping. As a result, identifiers containing single quotes and other URI-safe CEL fragments can break out of the intended string context, altering the CEL condition's meaning. Exploitation of this vulnerability has been confirmed in private testing with Polaris 1.4.0 on real GCS, where delegated credentials were issued without the intended path restrictions, allowing access to multiple tables' object prefixes and metadata control files, as well as objects under unrelated external prefixes in the same bucket.
Impact
Exploitation of this vulnerability allows for unauthorized access to Google Cloud Storage objects across multiple tables and external prefixes within the same bucket, effectively bypassing the intended access restrictions.
Reproduction
The vulnerability can be reproduced by creating a namespace or table identifier that includes a single quote and other URI-safe CEL fragments. This crafted identifier can then be used to request GCS credentials through Apache Polaris. The resulting credentials will lack the proper path restrictions, allowing access to files across the entire configured bucket, not just the intended table.
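To make the mechanism concrete, here is an added example (not Polaris's own code) that contrasts the unescaped interpolation pattern the advisory describes with an allow-listed, escaped builder, plus a structural audit check that flags any issued condition whose string literal has been broken out of. The `resource.name.startsWith(...)` CEL shape, the bucket name and the identifier character set are assumptions for this example.

```python
import re

# Constructed sample values; the CEL shape mirrors GCS credential-access-boundary
# conditions, which is an assumption for this example rather than Polaris's code.
BUCKET = "example-bucket"
PREFIX = f"projects/_/buckets/{BUCKET}/objects/"
SAFE_SEGMENT = re.compile(r"[A-Za-z0-9._-]+")
# Exactly one single-quoted literal (with backslash escapes) and nothing else.
SHAPE = re.compile(r"^resource\.name\.startsWith\('([^'\\]|\\.)*'\)$")


def build_condition_unsafe(namespace, table):
    """The flawed pattern: identifiers are joined into a table path and dropped
    straight into the CEL string literal without validation or escaping."""
    table_path = "/".join([*namespace, table]) + "/"
    return f"resource.name.startsWith('{PREFIX}{table_path}')"


def identifier_is_safe(ident):
    """Allow-list check for one namespace/table segment: no quotes, backslashes,
    slashes or other characters that carry meaning inside the CEL expression."""
    return SAFE_SEGMENT.fullmatch(ident) is not None


def cel_string_literal(value):
    """Defence in depth: emit a proper CEL literal, escaping backslashes and quotes
    even though validation should already have rejected them."""
    return "'" + value.replace("\\", "\\\\").replace("'", "\\'") + "'"


def build_condition_safe(namespace, table):
    """Validate every segment first, then build the path through a real literal."""
    parts = [*namespace, table]
    for ident in parts:
        if not identifier_is_safe(ident):
            raise ValueError(f"rejected identifier {ident!r}")
    path = PREFIX + "/".join(parts) + "/"
    return "resource.name.startsWith(" + cel_string_literal(path) + ")"


def condition_well_formed(condition):
    """Audit check for conditions before (or after) they are sent to the token
    service: a literal that was terminated early by a quote fails this shape."""
    return SHAPE.match(condition) is not None
```

Running `condition_well_formed` over logged credential requests gives a cheap detection for identifiers that altered the condition, independent of whether the escaping fix is in place.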
Remediation
Users should update to Apache Polaris version 1.4.1 or later, where this vulnerability has been addressed.
