Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2023-22736

Опубликовано: 26 янв. 2023
Источник: nvd
CVSS3: 8.5
EPSS Низкий

Описание

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Versions starting with 2.5.0-rc1 and above, prior to 2.5.8, and version 2.6.0-rc4, are vulnerable to an authorization bypass bug which allows a malicious Argo CD user to deploy Applications outside the configured allowed namespaces. Reconciled Application namespaces are specified as a comma-delimited list of glob patterns. When sharding is enabled on the Application controller, it does not enforce that list of patterns when reconciling Applications. For example, if Application namespaces are configured to be argocd-*, the Application controller may reconcile an Application installed in a namespace called other, even though it does not start with argocd-. Reconciliation of the out-of-bounds Application is only triggered when the Application is updated, so the attacker must be able to cause an update operation on the Application resource. This bug only applies to users who have explicitly enabled the "apps-in-any-n

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:argoproj:argo_cd:*:*:*:*:*:*:*:*
Версия от 2.5.0 (включая) до 2.5.8 (исключая)
cpe:2.3:a:argoproj:argo_cd:2.6.0:rc1:*:*:*:*:*:*
cpe:2.3:a:argoproj:argo_cd:2.6.0:rc2:*:*:*:*:*:*
cpe:2.3:a:argoproj:argo_cd:2.6.0:rc3:*:*:*:*:*:*
cpe:2.3:a:argoproj:argo_cd:2.6.0:rc4:*:*:*:*:*:*

EPSS

Процентиль: 10%
0.00035
Низкий

8.5 High

CVSS3

Дефекты

CWE-862

Связанные уязвимости

redhat логотип

CVE-2023-22736

CVSS3: 8.5
redhat
около 3 лет назад

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Versions starting with 2.5.0-rc1 and above, prior to 2.5.8, and version 2.6.0-rc4, are vulnerable to an authorization bypass bug which allows a malicious Argo CD user to deploy Applications outside the configured allowed namespaces. Reconciled Application namespaces are specified as a comma-delimited list of glob patterns. When sharding is enabled on the Application controller, it does not enforce that list of patterns when reconciling Applications. For example, if Application namespaces are configured to be argocd-*, the Application controller may reconcile an Application installed in a namespace called other, even though it does not start with argocd-. Reconciliation of the out-of-bounds Application is only triggered when the Application is updated, so the attacker must be able to cause an update operation on the Application resource. This bug only applies to users who have explicitly enabled the "apps-in-an...

github логотип

GHSA-6p4m-hw2h-6gmw

CVSS3: 8.5
github
около 3 лет назад

Controller reconciles apps outside configured namespaces when sharding is enabled

fstec логотип

BDU:2023-00641

CVSS3: 8.5
fstec
около 3 лет назад

Уязвимость декларативного инструмента непрерывной доставки GitOps для Kubernetes Argo CD, позволяющая нарушителю повысить свои привилегии

EPSS

Процентиль: 10%
0.00035
Низкий

8.5 High

CVSS3

Дефекты

CWE-862