Argo CD Security Bug Opens Kubernetes Cloud Apps to Attackers

The popular continuous-delivery platform has a path-traversal bug (CVE-2022-24348) that could allow cyberattackers to hop from one application ecosystem to another.

A high-severity security vulnerability in Argo CD can enable attackers to access targets’ application-development environments, paving the way for stealing passwords, API keys, tokens and other sensitive information.

Argo CD is a continuous-delivery platform deployed as a Kubernetes controller in the cloud, and it’s used to deploy applications, then continuously monitor them in real time as they run.

The bug is a path-traversal issue, according to Apiiro’s security-research team, which occurs when adversaries are able to access files and directories that are stored outside their permissioned purview. It carries a score of 7.7 out of 10 on the CVSS vulnerability-severity scale.

Attackers can exploit the bug (CVE-2022-24348) by loading a malicious Kubernetes Helm Chart YAML file into the Argo CD system, then using it to “hop” from their own application ecosystem to access other applications’ data, researchers said.

Breaking Down the Argo Attack Vector

The vulnerability exists in the way Argo CD handles the control for its anti-path-traversal security mechanism, according to Apiiro.
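As an added example (not Argo CD's own code and not taken from the article), this is the kind of repository-containment check such an anti-path-traversal control must enforce: every file path a Helm chart definition references is resolved against the checked-out repository root and rejected if it climbs outside it. The repository paths and the values-file list are assumptions for illustration.

```go
package main

import (
	"errors"
	"fmt"
	"path/filepath"
	"strings"
)

// ErrOutsideRepo is returned when a chart-referenced path escapes the repository root.
var ErrOutsideRepo = errors.New("path escapes repository root")

// ResolveInRepo joins a user-supplied relative path (for example one entry of a
// chart's values-file list) onto the checked-out repository root and verifies that
// the cleaned result still lies inside that root. Absolute paths and any ".."
// sequence that climbs above the root are rejected. Note: this checks the lexical
// path only; a controller should also resolve symlinks before reading the file.
func ResolveInRepo(repoRoot, userPath string) (string, error) {
	if filepath.IsAbs(userPath) {
		return "", ErrOutsideRepo
	}
	root := filepath.Clean(repoRoot)
	joined := filepath.Clean(filepath.Join(root, userPath))
	rel, err := filepath.Rel(root, joined)
	if err != nil || rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return "", ErrOutsideRepo
	}
	return joined, nil
}

// RejectedValueFiles returns every entry of a chart's file list that fails the
// containment check, so the controller can refuse the whole application spec.
func RejectedValueFiles(repoRoot string, files []string) []string {
	var bad []string
	for _, f := range files {
		if _, err := ResolveInRepo(repoRoot, f); err != nil {
			bad = append(bad, f)
		}
	}
	return bad
}

func main() {
	// Constructed sample: app-a's chart lists one legitimate file and two that
	// try to reach another application's checkout or the host filesystem.
	files := []string{"values.yaml", "../app-b/secrets.yaml", "/etc/passwd"}
	fmt.Println("rejected:", RejectedValueFiles("/srv/repos/app-a", files))
}
```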

In terms of how the bug can be specifically exploited, it’s important

Read More: https://threatpost.com/argo-cd-security-bug-kubernetes-cloud-apps/178239/