CVE-2022-24768 Information

Description

Argo CD is a declarative GitOps continuous delivery tool for Kubernetes. All unpatched versions of Argo CD starting with 1.0.0 are vulnerable to an improper access control bug allowing a malicious user to potentially escalate their privileges to admin-level. Versions starting with 0.8.0 and 0.5.0 contain limited versions of this issue. To perform exploits an authorized Argo CD user must have push access to an Application’s source git or Helm repository or sync and override access to an Application. Once a user has that access different exploitation levels are possible depending on their other RBAC privileges. A patch for this vulnerability has been released in Argo CD versions 2.3.2 2.2.8 and 2.1.14. Some mitigation measures are available but do not serve as a substitute for upgrading. To avoid privilege escalation limit who has push access to Application source repositories or sync + override access to Applications; and limit which repositories are available in projects where users have update access to Applications. To avoid unauthorized resource inspection/tampering limit who has delete get or action access to Applications.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Reference

https://github.com/argoproj/argo-cd/releases/tag/v2.2.8 https://github.com/argoproj/argo-cd/commit/af03b291d4b7e9d3ce9a6580ae9c8141af0e05cf https://github.com/argoproj/argo-cd/security/advisories/GHSA-2f5v-8r3f-8pww https://github.com/argoproj/argo-cd/releases/tag/v2.3.2 https://github.com/argoproj/argo-cd/releases/tag/v2.1.14

Attack Complexity

LOW

Privileges Required

LOW

User Interaction Required

LOW

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

HIGH

Base Score

HIGH

Base Severity

8.8