SB2023012633 - Multiple vulnerabilities in Argo CD

Description

This security bulletin contains information about 2 vulnerabilities.

1) Improper Authorization (CVE-ID: CVE-2023-22736)

CWE-ID: CWE-285 - Improper Authorization

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

The vulnerability allows a remote user to bypass implemented security restrictions.

The vulnerability exists due to improper authorization checks. A remote user can deploy Applications outside the configured allowed namespaces.

2) Improper Authorization (CVE-ID: CVE-2023-22482)

CWE-ID: CWE-285 - Improper Authorization

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green

The vulnerability allows a remote user to gain unauthorized access to the application.

The vulnerability exists due to improper authorization of the Argo CD valid tokens that were issued other audiences. A remote user with a valid token can gain unauthorized access to Argo CD instance.

Remediation

Install update from vendor's website.

References

• https://github.com/argoproj/argo-cd/security/advisories/GHSA-6p4m-hw2h-6gmw
• https://github.com/argoproj/argo-cd/security/advisories/GHSA-q9hr-j4rf-8fjc