Description
This release of Teleport contains multiple security and bug fixes.
Escalation attack in agent forwarding
When setting up agent forwarding on the node, Teleport did not handle unix socket creation in a secure manner.
This could have given a potential attacker an opportunity to make Teleport change the permissions of arbitrary files to the attacker's user.
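The hardened pattern for this class of bug, as an added example (Go, since Teleport is written in Go; this is illustrative code, not Teleport's own implementation): create the agent socket inside a freshly made 0700 directory, verify that the directory is a real directory owned by the current user before binding, and never chmod or chown a path the caller chose. The AgentSocket type, NewAgentSocket and checkPrivateDir are assumed names; syscall.Umask assumes a Unix host.

```go
package main

import (
	"errors"
	"fmt"
	"net"
	"os"
	"path/filepath"
	"syscall"
)

// AgentSocket holds a forwarding socket bound inside a private directory.
// Hypothetical type for illustration; not part of Teleport's API.
type AgentSocket struct {
	Dir      string
	Path     string
	Listener net.Listener
}

// NewAgentSocket creates a 0700 directory that only the current user can
// traverse and binds the agent socket inside it. It never chmods or chowns a
// caller-supplied path, so there is no "fix the permissions of this file"
// step that an attacker could point at a file of their choosing.
func NewAgentSocket() (*AgentSocket, error) {
	// Restrict the umask for the duration of the bind so the socket node is
	// created without group/other bits regardless of the inherited umask.
	old := syscall.Umask(0o077)
	defer syscall.Umask(old)

	dir, err := os.MkdirTemp("", "agent-") // os.MkdirTemp creates the dir 0700
	if err != nil {
		return nil, err
	}
	if err := checkPrivateDir(dir); err != nil {
		os.RemoveAll(dir)
		return nil, err
	}
	path := filepath.Join(dir, "agent.sock")
	l, err := net.Listen("unix", path)
	if err != nil {
		os.RemoveAll(dir)
		return nil, err
	}
	return &AgentSocket{Dir: dir, Path: path, Listener: l}, nil
}

// checkPrivateDir refuses a directory that is a symlink, not a directory,
// reachable by group/others, or owned by a different user.
func checkPrivateDir(dir string) error {
	fi, err := os.Lstat(dir) // Lstat: do not follow a planted symlink
	if err != nil {
		return err
	}
	if fi.Mode()&os.ModeSymlink != 0 {
		return errors.New("socket directory is a symlink")
	}
	if !fi.IsDir() {
		return errors.New("socket directory is not a directory")
	}
	if fi.Mode().Perm()&0o077 != 0 {
		return fmt.Errorf("socket directory %s is accessible to other users (%o)", dir, fi.Mode().Perm())
	}
	st, ok := fi.Sys().(*syscall.Stat_t)
	if !ok {
		return errors.New("cannot determine directory owner")
	}
	if int(st.Uid) != os.Getuid() {
		return errors.New("socket directory is owned by another user")
	}
	return nil
}

// SocketPerm reports the permission bits of the socket node on disk.
func (s *AgentSocket) SocketPerm() (os.FileMode, error) {
	fi, err := os.Lstat(s.Path)
	if err != nil {
		return 0, err
	}
	return fi.Mode().Perm(), nil
}

// Close shuts the listener and removes the private directory.
func (s *AgentSocket) Close() error {
	err := s.Listener.Close()
	os.RemoveAll(s.Dir)
	return err
}

func main() {
	s, err := NewAgentSocket()
	if err != nil {
		fmt.Println("error:", err)
		return
	}
	defer s.Close()
	perm, _ := s.SocketPerm()
	fmt.Printf("listening on %s (mode %o)\n", s.Path, perm)
}
```

The ownership and symlink checks run on the directory this process just created, not on a path received from the session, which is the property that keeps a local attacker from steering a permission change onto an unrelated file.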
Websockets CSRF
When handling websocket requests, Teleport did not verify that the provided Bearer token was generated for the correct user.
This could have allowed a malicious, low-privileged Teleport user to use a social engineering attack to gain higher-privileged access on the same Teleport cluster.
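The check the advisory describes, as an added example (Go; illustrative code, not Teleport's own web handler): a bearer token is recorded together with the user it was issued to, and a websocket request is accepted only when the token's recorded user matches the user the request acts as. AuthorizeUnbound shows the weak form that only verifies the token exists; AuthorizeBound is the corrected form. TokenStore, the "/sessions/{user}" path layout and the sample token values are assumptions made for this example.

```go
package main

import (
	"errors"
	"fmt"
	"net/http"
	"strings"
	"sync"
)

var (
	ErrUnknownToken      = errors.New("bearer token not recognized")
	ErrTokenUserMismatch = errors.New("bearer token was not issued to this user")
)

// TokenStore records, for each bearer token, the user it was generated for.
// Hypothetical structure for illustration; not Teleport's session store.
type TokenStore struct {
	mu     sync.RWMutex
	issued map[string]string // token -> user it was issued to
}

func NewTokenStore() *TokenStore {
	return &TokenStore{issued: make(map[string]string)}
}

// Issue binds a bearer token to the user it was generated for.
func (s *TokenStore) Issue(token, user string) {
	s.mu.Lock()
	defer s.mu.Unlock()
	s.issued[token] = user
}

// AuthorizeUnbound is the weak check: the token only has to exist. A token
// issued to a low-privileged user is accepted on a request that names a
// different user, which is the gap the advisory describes.
func (s *TokenStore) AuthorizeUnbound(requestedUser, token string) error {
	s.mu.RLock()
	defer s.mu.RUnlock()
	if _, ok := s.issued[token]; !ok {
		return ErrUnknownToken
	}
	return nil
}

// AuthorizeBound is the corrected check: the token must exist and must have
// been issued to the same user the websocket request is acting as.
func (s *TokenStore) AuthorizeBound(requestedUser, token string) error {
	s.mu.RLock()
	defer s.mu.RUnlock()
	owner, ok := s.issued[token]
	if !ok {
		return ErrUnknownToken
	}
	if owner != requestedUser {
		return ErrTokenUserMismatch
	}
	return nil
}

// bearerFromRequest extracts the token from "Authorization: Bearer <token>".
func bearerFromRequest(r *http.Request) (string, bool) {
	const prefix = "Bearer "
	h := r.Header.Get("Authorization")
	if !strings.HasPrefix(h, prefix) {
		return "", false
	}
	return strings.TrimSpace(strings.TrimPrefix(h, prefix)), true
}

// WebsocketHandler gates the upgrade behind the bound check. The user the
// connection acts as comes from the (assumed) "/sessions/{user}" path; the
// token comes from the Authorization header.
func (s *TokenStore) WebsocketHandler(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		user := strings.TrimPrefix(r.URL.Path, "/sessions/")
		token, ok := bearerFromRequest(r)
		if !ok {
			http.Error(w, "missing bearer token", http.StatusUnauthorized)
			return
		}
		if err := s.AuthorizeBound(user, token); err != nil {
			http.Error(w, err.Error(), http.StatusForbidden)
			return
		}
		next.ServeHTTP(w, r)
	})
}

func main() {
	store := NewTokenStore()
	store.Issue("tok-alice", "alice") // constructed sample token
	// A websocket request acting as "admin" but carrying alice's token.
	fmt.Println("unbound check:", store.AuthorizeUnbound("admin", "tok-alice"))
	fmt.Println("bound check:  ", store.AuthorizeBound("admin", "tok-alice"))
}
```

The detection angle for operators is the same comparison: a token's issuing user and the user named in the websocket request should always agree, so any mismatch rejected by the bound check is worth logging with both identities.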
Actions
We recommend upgrading Auth, Proxy, SSH and Kubernetes agents.
Users should back up the Teleport cluster, then follow the standard Teleport upgrade procedure.
Other fixes
- Fixed issue with tsh ssh printing an extra error upon exit when the last command was unsuccessful. #12902
Download
Download the current and previous releases of Teleport at https://gravitational.com/teleport/download.