PT-2024-40239 · Teleport · Teleport

Published 2024-01-03 · Updated 2024-01-03

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
Name of the Vulnerable Software and Affected Versions: Teleport versions prior to 12.4.31; Teleport versions prior to 13.4.13; Teleport versions prior to 14.2.4
Description: An attacker with access to nodes within the cluster may be able to SFTP to the Proxy Service. The user's permissions on the Proxy server are still respected, so files can only be read or modified on the Proxy if the user has system access to read or write to them.
Recommendations: For versions prior to 12.4.31, update to version 12.4.31 or later. For versions prior to 13.4.13, update to version 13.4.13 or later. For versions prior to 14.2.4, update to version 14.2.4 or later. As a temporary workaround, ensure that regular users do not have a valid principal on the proxy server to mitigate the issue.

Related Identifiers

GHSA-C9V7-WMWJ-VF6X

Affected Products

Teleport