C-0081 - CVE-2022-24348-argocddirtraversal

Framework

ArmoBest, AllControls

Severity

Medium

Description of the the issue

CVE-2022-24348 is a major software supply chain 0-day vulnerability in the popular open source CD platform Argo CD. Exploiting it enables attackers to obtain sensitive information like credentials, secrets, API keys from other applications on the platform. This in turn can lead to privilege escalation, lateral movements and information disclosure.

Related resources

Deployment

What does this control test

Checking Linux kernel version of the Node objects, if it is above 5.1 or below 5.16.2 it fires an alert

Remediation

Update your ArgoCD deployment to fixed versions (v2.1.9,v2.2.4 or v2.3.0)

Example