Alta Aware — 859: Zip path traversal (aka zip slip) on Alta Cloud Connector

Release Date

5th Jan 2024.

Overview

Insecure handling of zip file uploads by the backup restore functionality of the Alta Cloud Connector could be exploited to achieve zip path traversal (aka Zip Slip).

Affected Products

• Alta Aware:
  • All Stable upgrade channel versions before 6.4.4 .
  • All Beta upgrade channel versions before 6.4.4 .

Unaffected Products

• Alta Aware:

  • All Stable upgrade channel versions after and including 6.4.4 .
  • All Beta upgrade channel versions after and including 6.4.4 .

• Alta cameras: all versions.

• Alta Cloud: all versions.

Resolution

This issue has been fixed in Alta Aware Beta upgrade channel version 6.4.4 and Stable upgrade channel version 6.4.4 .

It is highly recommended that all installations running an affected version are upgraded to the latest release as soon as possible. Releases are available to download through the Alta Aware User Interface.

Vulnerability Information

• CVSSv3 score: 8.2
• CVSSv3 vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Mitigations

There are no known mitigations for this issue.

Work arounds

There are no known work arounds for this issue.

Acknowledgements

Issue found internally by Alta Security.

Disclosure Timeline

• 04/07/2023 Issue found internally by Alta Security
• 06/10/2023 Root cause established
• 06/10/2023 Fix identified
• 09/11/2023 Patched Alta Aware (Beta upgrade channel) released
• 04/12/2023 Patched Alta Aware (Stable upgrade channel) released
• 05/01/2024 Vulnerability publicly disclosed