CVE-2022-24348
Argo CD vulnerability analysis and mitigation

Overview

Argo CD, a popular open-source Continuous Delivery platform, was affected by a path traversal vulnerability (CVE-2022-24348) in versions before 2.1.9 and 2.2.x before 2.2.4. The vulnerability was identified by Apiiro's Security Research team and disclosed on February 3, 2022. The flaw allows attackers with permissions to create or update applications in Argo CD to access sensitive information such as secrets, passwords, and API keys stored in other repositories within the same Argo CD installation (Apiiro Blog, GitHub Advisory).

Technical details

The vulnerability stems from a path traversal bug in the helmTemplate function within repository.go that allows arbitrary values files to be consumed by Helm charts. The issue occurs due to an error in the way the application processes valueFiles values, specifically in the ParseRequestURI function's handling of absolute paths. The vulnerability received a CVSS score of 7.7 (High) with a vector of CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N (Apiiro Blog, GitHub Advisory).
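The Go program below is an added example and not Argo CD's own code; it is a hypothetical reconstruction of the bug class the paragraph describes. A values-file string is first classified as remote or local. url.ParseRequestURI is documented to accept either an absolute URI or an absolute path, so a check that treats anything it accepts as a remote URL (naiveIsRemote here) lets a bare filesystem path such as /srv/repos/other-repo/secrets.yaml skip the step that joins local paths onto the application directory. The hardened functions strictIsRemote and resolveLocalValuesFile (both assumed names) require an explicit http/https scheme for remote values files and confine local ones to the repository root. The repository root, application path and values-file strings in main are constructed sample inputs.

```go
package main

import (
	"errors"
	"fmt"
	"net/url"
	"path/filepath"
	"strings"
)

// naiveIsRemote mirrors the weak classification at the heart of this bug class
// (hypothetical reconstruction, not Argo CD's code): anything that
// url.ParseRequestURI accepts is treated as a remote URL. ParseRequestURI is
// documented to accept either an absolute URI or an absolute path, so a plain
// filesystem path such as "/srv/repos/other-repo/secrets.yaml" passes and would
// bypass the local-path confinement performed by resolveLocalValuesFile.
func naiveIsRemote(val string) bool {
	_, err := url.ParseRequestURI(val)
	return err == nil
}

// strictIsRemote only treats a value as remote when it carries an explicit
// http or https scheme and a host; bare paths are never remote.
func strictIsRemote(val string) bool {
	u, err := url.Parse(val)
	if err != nil {
		return false
	}
	return (u.Scheme == "http" || u.Scheme == "https") && u.Host != ""
}

var errOutsideRepo = errors.New("values file resolves outside the repository root")

// resolveLocalValuesFile joins a user-supplied values-file path onto the
// application directory and rejects any result that escapes repoRoot, whether
// via an absolute path or via "../" components. This is a lexical check: if the
// checkout may contain symlinks, the caller should additionally resolve the
// returned path with filepath.EvalSymlinks and repeat the containment check.
func resolveLocalValuesFile(repoRoot, appPath, val string) (string, error) {
	if filepath.IsAbs(val) {
		return "", errOutsideRepo
	}
	root := filepath.Clean(repoRoot)
	full := filepath.Join(root, appPath, val) // Join also collapses ".." components
	rel, err := filepath.Rel(root, full)
	if err != nil {
		return "", err
	}
	if rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return "", errOutsideRepo
	}
	return full, nil
}

func main() {
	// Constructed sample inputs: a checkout under /srv/repos/app with the Helm
	// chart in charts/web, and values-file strings as a user might submit them.
	const repoRoot, appPath = "/srv/repos/app", "charts/web"
	for _, val := range []string{
		"values-prod.yaml",
		"../shared/values.yaml",
		"../../../other-repo/secrets.yaml",
		"/srv/repos/other-repo/secrets.yaml",
		"https://example.com/values.yaml",
	} {
		fmt.Printf("%-40q naive-remote=%-5v strict-remote=%-5v", val, naiveIsRemote(val), strictIsRemote(val))
		if strictIsRemote(val) {
			fmt.Println(" (fetched as URL)")
			continue
		}
		p, err := resolveLocalValuesFile(repoRoot, appPath, val)
		if err != nil {
			fmt.Printf(" rejected: %v\n", err)
		} else {
			fmt.Printf(" -> %s\n", p)
		}
	}
}
```

Running it shows the two classifiers disagree exactly on the bare absolute path: naiveIsRemote accepts it while strictIsRemote does not, and resolveLocalValuesFile then rejects both the absolute path and the "../../../" traversal, while a "../" that stays inside the repository root is still allowed.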

Impact

The vulnerability allows attackers to access confidential information stored in other repositories within the same Argo CD installation. This is particularly critical in environments using encrypted value files containing sensitive data. Attackers can potentially discover credentials stored in YAML files, leading to privilege escalation, sensitive information disclosure, and lateral movement attacks (Apiiro Blog).

Mitigation and workarounds

The vulnerability has been patched in Argo CD versions 2.3.0, 2.2.4, and 2.1.9. For OpenShift GitOps users, fixes were released in versions 1.2.2, 1.3.3 (RHSA-2022:0476), and 1.4.2 (RHSA-2022:0477). Users with automatic approval strategy in OpenShift GitOps subscription will receive the fixes automatically, while those with manual approval strategy must manually upgrade the operator (Red Hat Blog).
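As an added example (not code from the Argo CD project or from the advisory), the Go program below encodes the affected ranges stated above so that an inventory of deployed Argo CD versions can be checked mechanically: every release before 2.1.9 and every 2.2.x release before 2.2.4 is flagged, while 2.1.9, 2.2.4 and 2.3.0 onward are treated as fixed. ParseVersion and VulnerableToCVE202224348 are assumed names, and the version strings in main are constructed sample input; how you obtain the version from each installation is up to you.

```go
package main

import (
	"fmt"
	"strconv"
	"strings"
)

// Version is a parsed Argo CD release number.
type Version struct{ Major, Minor, Patch int }

// ParseVersion accepts "2.2.3" or "v2.2.3". A pre-release or build suffix
// after the patch number is dropped, so "2.2.3-rc1" is treated as 2.2.3
// (a deliberate simplification; treat release candidates of a fixed version
// with care).
func ParseVersion(s string) (Version, error) {
	s = strings.TrimPrefix(strings.TrimSpace(s), "v")
	if i := strings.IndexAny(s, "-+"); i >= 0 {
		s = s[:i]
	}
	parts := strings.Split(s, ".")
	if len(parts) != 3 {
		return Version{}, fmt.Errorf("expected major.minor.patch, got %q", s)
	}
	var nums [3]int
	for i, p := range parts {
		n, err := strconv.Atoi(p)
		if err != nil || n < 0 {
			return Version{}, fmt.Errorf("bad component %q in %q", p, s)
		}
		nums[i] = n
	}
	return Version{nums[0], nums[1], nums[2]}, nil
}

// VulnerableToCVE202224348 applies the affected ranges from the advisory:
// every release before 2.1.9, and 2.2.x before 2.2.4. Releases from 2.1.9,
// 2.2.4 and 2.3.0 onward carry the fix.
func VulnerableToCVE202224348(v Version) bool {
	switch {
	case v.Major < 2:
		return true
	case v.Major > 2:
		return false
	case v.Minor < 1:
		return true
	case v.Minor == 1:
		return v.Patch < 9
	case v.Minor == 2:
		return v.Patch < 4
	default: // 2.3.0 and later
		return false
	}
}

func main() {
	// Constructed sample inventory: instance name -> reported version string.
	inventory := map[string]string{
		"dev-cluster":   "v2.1.8",
		"stage-cluster": "2.2.3",
		"prod-cluster":  "2.2.4",
		"lab-cluster":   "2.0.5",
	}
	for name, s := range inventory {
		v, err := ParseVersion(s)
		if err != nil {
			fmt.Printf("%-14s %-8s unparseable: %v\n", name, s, err)
			continue
		}
		if VulnerableToCVE202224348(v) {
			fmt.Printf("%-14s %-8s VULNERABLE, upgrade to 2.1.9 / 2.2.4 / 2.3.0 or later\n", name, s)
		} else {
			fmt.Printf("%-14s %-8s fixed\n", name, s)
		}
	}
}
```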

Community reactions

The Argo CD team acknowledged the responsible disclosure by Moshe Zioni from Apiiro's Security Research team and worked swiftly to address the vulnerability. The incident response was praised for its professional handling and respect for the large user base (Apiiro Blog).

This report was generated using AI.
