{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/products/mcp-ssh-tool/","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["mcp-ssh-tool"],"_cs_severities":["high"],"_cs_tags":["path-traversal","timing-attack","npm"],"_cs_type":"advisory","_cs_vendors":["npm"],"content_html":"\u003cp\u003eVersions 2.1.0 and earlier of \u003ccode\u003emcp-ssh-tool\u003c/code\u003e, a tool often used in CI/CD environments, contain security vulnerabilities related to file transfer path authorization and HTTP bearer authentication. Specifically, the tool suffers from insufficient local path policy enforcement in transfer-related filesystem handling, leading to potential bypasses of configured path restrictions. Additionally, a non-constant-time HTTP bearer token comparison exposes a timing side channel. The vulnerability allows attackers with sufficient access to potentially read or write files outside of their intended scope. Upgrade to version 2.1.1 or implement provided workarounds to mitigate risks.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAn attacker gains access to an MCP client, either through compromised credentials or a vulnerable service.\u003c/li\u003e\n\u003cli\u003eThe attacker crafts a file transfer request with a manipulated path, exploiting insufficient canonicalization in the \u003ccode\u003emcp-ssh-tool\u003c/code\u003e\u0026rsquo;s path policy checks.\u003c/li\u003e\n\u003cli\u003eThe crafted path bypasses the configured deny-prefix path policy.\u003c/li\u003e\n\u003cli\u003eThe attacker initiates a file transfer operation targeting a restricted file system location.\u003c/li\u003e\n\u003cli\u003eThe \u003ccode\u003emcp-ssh-tool\u003c/code\u003e incorrectly authorizes the transfer due to the policy bypass.\u003c/li\u003e\n\u003cli\u003eThe attacker successfully reads or writes files outside of the intended scope.\u003c/li\u003e\n\u003cli\u003eIn HTTP deployments, an attacker attempts to authenticate using a brute-force approach, leveraging timing differences in bearer token comparison.\u003c/li\u003e\n\u003cli\u003eBy analyzing response times, the attacker identifies valid token characters and reconstructs the valid bearer token over time.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of the path traversal vulnerability could allow unauthorized access to sensitive files and directories on the server. The timing side channel vulnerability in bearer token comparison could lead to unauthorized access to the system via HTTP. The severity of the impact is dependent on the file system permissions and sensitivity of the data exposed.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to \u003ccode\u003emcp-ssh-tool \u0026gt;= 2.1.1\u003c/code\u003e to remediate both the path traversal and timing attack vulnerabilities.\u003c/li\u003e\n\u003cli\u003eFor deployments that cannot immediately upgrade, avoid exposing HTTP transport beyond loopback to mitigate the timing attack.\u003c/li\u003e\n\u003cli\u003eImplement strict filesystem policy configuration as described in the \u003ccode\u003emcp-ssh-tool\u003c/code\u003e documentation to minimize the risk of path traversal.\u003c/li\u003e\n\u003cli\u003eMonitor audit logs for unexpected transfer operations to identify and respond to potential exploit attempts.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2024-01-02T12:00:00Z","date_published":"2024-01-02T12:00:00Z","id":"/briefs/2024-01-mcp-ssh-tool-vulns/","summary":"mcp-ssh-tool versions 2.1.0 and earlier have a policy bypass in transfer path handling and expose a timing side channel in bearer-token comparison for HTTP deployments, addressed in version 2.1.1.","title":"mcp-ssh-tool Path Traversal and Timing Attack Vulnerabilities","url":"https://feed.craftedsignal.io/briefs/2024-01-mcp-ssh-tool-vulns/"}],"language":"en","title":"CraftedSignal Threat Feed — Mcp-Ssh-Tool","version":"https://jsonfeed.org/version/1.1"}