Cybersecurity specialists report the detection of some security flaws in Argo CD, a declarative continuous delivery tool for Kubernetes following the GitOps pattern of using Git repositories as a source source to define the desired state of the application. According to the report, successful exploitation of these flaws would allow threat actors to deploy multiple hacking tasks.

Below are brief reports of the detected failures, in addition to their respective tracking keys and scores assigned according to the Common Vulnerability Scoring System (CVSS).

CVE-2022-24768/CVE-2022-1025: Inadequate access restrictions would allow remote authenticated users with access to an application’s source Helm or git repository or sync</code> and <code>override access to obtain administrative privileges.

This vulnerability received a CVSS score of 8.6/10 and resides in the following Argo CD versions: 2.1.0 – 2.1.13, 2.3.0 – 2.3.1, 2.2.0 – 2.2.7, 2.0.0 – 2.0.5, 1.7.0 – 1.7.14, 1.8.0 – 1.8.7, 1.6.0 – 1.6.2, 1.5.0 – 1.5.8, 1.4.0 – 1.4.3, 1.3.0 – 1.3.6, 1.2.0 – 1.2.5, 1.1.0 – 1.1.2, 1.0.0 – 1.0.2, 0.7.0 – 0.7.2, 0.6.0 – 0.6.2, 0.5.0 – 0.5.4.

CVE-2022-24730: An input validation error when processing directory traversal streams on the endpoint /api/v1/repositories/{repo_url}/appdetails would allow remote users to send specially crafted HTTP requests and read arbitrary files on the system.

The vulnerability received a CVSS score of 5.7/10 and resides in the following Argo CD versions: 1.5.0 – 1.5.8, 1.6.0 – 1.6.2, 1.7.0 – 1.7.14, 1.8.0 – 1.8.7, 2.2.0 – 2.2.5, 2.1.0 – 2.1.10 and 2.0.0 – 2.0.5.

CVE-2022-24731: On the other hand, an input validation error when processing path traversal streams in the Helm chart would allow remote administrators to send HTTP requests specially designed to read arbitrary files on the system.

The flaw received a CVSS score of 4.6/10 and resides in the following versions of Argo CD: 1.5.0 – 1.5.8, 1.6.0 – 1.6.2, 1.7.0 – 1.7.14, 1.8.0 – 1.8.7, 2.2.0 – 2.2.5, 2.1.0 – 2.1.10 and 2.0.0 – 2.0.5.

While these flaws can be exploited remotely by authenticated threat actors, so far no active exploitation attempts related to these flaws have been detected. Still, users of affected deployments are encouraged to apply the available patches as soon as possible.

To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.

The post Privilege escalation and path traversal vulnerabilities affect Argo CD, the GitOps continuous delivery tool for Kubernetes appeared first on Information Security Newspaper | Hacking News.

source

You May Also Like

3 critical vulnerabilities in APC UPS could be exploited to shot down thousands of data centers

Cybersecurity specialists report the detection of three zero-day vulnerabilities in uninterruptible power…

3 XSS vulnerabilities in IBM Security QRadar SOAR: Update immediately

Cybersecurity specialists reported the detection of multiple vulnerabilities in IBM Security QRadar…

Vulnerability in Philips e-Alert would allow unauthorized actors to turn off MRI monitoring system

Cybersecurity specialists report the detection of a dangerous vulnerability in Philips e-Alert,…