CVE-2022-24905
Argo CD login screen allows message spoofing if SSO is enabled
- Severity Score: -
- Exploit Likelihood: -
- Affected Versions: see below
- Public Exploits: 0
- Exploited in Wild: -
- Decision: -
Descriptions
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. A vulnerability was found in Argo CD prior to versions 2.3.4, 2.2.9, and 2.1.15 that allows an attacker to spoof error messages on the login screen when single sign-on (SSO) is enabled. In order to exploit this vulnerability, an attacker would have to trick the victim into visiting a specially crafted URL which contains the message to be displayed. As far as the research of the Argo CD team concluded, it is not possible to specify any active content (e.g. JavaScript) or other HTML fragments (e.g. clickable links) in the spoofed message. A patch for this vulnerability has been released in Argo CD versions 2.3.4, 2.2.9, and 2.1.15. There are currently no known workarounds.
CVSS Scores
SSVC
- Decision: -
Timeline
- 2022-02-10 CVE Reserved
- 2022-05-19 CVE Published
- 2023-10-31 EPSS Updated
- 2024-08-03 CVE Updated
- Exploited in Wild: -
- KEV Due Date: -
- First Exploit: -
CWE
- CWE-20: Improper Input Validation
- CWE-290: Authentication Bypass by Spoofing
CAPEC
References (6)
URL | Tag | Source
---|---|---
https://github.com/argoproj/argo-cd/releases/tag/v2.1.15 | Release Notes |
https://github.com/argoproj/argo-cd/releases/tag/v2.2.9 | Release Notes |
https://github.com/argoproj/argo-cd/releases/tag/v2.3.4 | Release Notes |
https://github.com/argoproj/argo-cd/security/advisories/GHSA-xmg8-99r8-jc2j | Third Party Advisory |

URL | Date | SRC
---|---|---
https://access.redhat.com/security/cve/CVE-2022-24905 | 2022-05-18 |
https://bugzilla.redhat.com/show_bug.cgi?id=2081689 | 2022-05-18 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status
---|---|---|---|---
Linuxfoundation | Argo-cd | >= 0.6.1 < 2.1.15 | - | Affected
Linuxfoundation | Argo-cd | >= 2.2.0 < 2.2.9 | - | Affected
Linuxfoundation | Argo-cd | >= 2.3.0 < 2.3.4 | - | Affected