Zuplo is an API management platform built for developers. It handles authentification and access to your API and provides additional
functionalities such as rate limiting the number of requests to your backend. In order for your backend to validate that a request has been processed
by Zuplo, it relies on an API key generated in Zuplo Developer Portal. If this key is compromised, attackers will be able to bypass Zuplo and access
your API without authentication and authorization.
Secret leaks often occur when a sensitive piece of authentication data is stored with the source code of an application. Considering the source
code is intended to be deployed across multiple assets, including source code repositories or application hosting servers, the secrets might get
exposed to an unintended audience.
Why is this an issue?
In most cases, trust boundaries are violated when a secret is exposed in a source code repository or an uncontrolled deployment environment.
Unintended people who don’t need to know the secret might get access to it. They might then be able to use it to gain unwanted access to associated
services or resources.
The trust issue can be more or less severe depending on the people’s role and entitlement.
What is the potential impact?
The exact impact of a Zuplo API key being leaked varies greatly depending on the type of services the software is used to implement. In general,
consequences ranging from a denial of service to application compromise can be expected.
Chaining of vulnerabilities
Triggering arbitrary workflows can lead to problems ranging from a denial of service to worse, depending on how the webhook’s data is handled. If
the webhook performs a specific action that is affected by a vulnerability, the webhook acts as a remote attack vector on the enterprise.
Components affected by this webhook could, for example, experience unexpected failures or excessive resource consumption. If it is a single point
of failure (SPOF), this leak is critical.
Compromise of sensitive data
If the affected service is used to store or process personally identifiable information or other sensitive data, attackers knowing an
authentication secret could be able to access it. Depending on the type of data that is compromised, it could lead to privacy violations, identity
theft, financial loss, or other negative outcomes.
In most cases, a company suffering a sensitive data compromise will face a reputational loss when the security issue is publicly disclosed.
How to fix it
Revoke the secret
Revoke any leaked secrets and remove them from the application source code.
Before revoking the secret, ensure that no other applications or processes are using it. Other usages of the secret will also be impacted when the
secret is revoked.
Use a secret vault
A secret vault should be used to generate and store the new secret. This will ensure the secret’s security and prevent any further unexpected
Depending on the development platform and the leaked secret type, multiple solutions are currently available.
Noncompliant code example