CVE-2022-24348

Argo CD before 2.1.9 and 2.2.x before 2.2.4 allows directory traversal related to Helm charts because of an error in helmTemplate in repository.go. For example, an attacker may be able to discover credentials stored in a YAML file.

Published: Feb 4, 2022
Updated: May 9, 2024
CVE: CVE-2022-24348
GHSA: GHSA-63qx-x74g-jcr7
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.7
AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

CVSS v2:

Severity: Low
Score: 4
AV:N/AC:L/Au:S/C:P/I:N/A:N

CWEs:

CWE-200
CWE-22

OWASP TOP 10:

A5 - Broken Access Control

Affected Software
References

Software	From	Fixed in
github.com/argoproj/argo-cd/v2	-	2.1.9
github.com/argoproj/argo-cd/v2	2.2.0	2.2.4
github.com/argoproj/argo-cd	-	2.1.9
argoproj / argo_cd	-	2.1.9
argoproj / argo_cd	2.2.0	2.2.4

https://apiiro.com/blog/malicious-kubernetes-helm-charts-can-be-used-to-steal-sensitive-information-from-argo-cd-deployments/
https://github.com/argoproj/argo-cd/commit/78c2084f0febd159039ff785ddc2bd4ba1cecf88
https://github.com/argoproj/argo-cd/releases/tag/v2.1.9
https://github.com/argoproj/argo-cd/releases/tag/v2.2.4
https://github.com/argoproj/argo-cd/security/advisories/GHSA-63qx-x74g-jcr7

Vulnerability Database

CVE-2022-24348