AllControls, YAML-scanning, ArmoBest
CVE-2022-24348 is a major software supply chain 0-day vulnerability in the popular open source CD platform Argo CD. Exploiting it enables attackers to obtain sensitive information like credentials, secrets, API keys from other applications on the platform. This in turn can lead to privilege escalation, lateral movements and information disclosure.
Checking Linux kernel version of the Node objects, if it is above 5.1 or below 5.16.2 it fires an alert
Update your ArgoCD deployment to fixed versions (v2.1.9,v2.2.4 or v2.3.0)
Updated 12 days ago