Improper Authentication in Argo CD tool for Kubernetes
Security Bulletin
This security bulletin contains one medium risk vulnerability.
1) Improper Authentication
EUVDB-ID: #VU27018
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2020-8827
CWE-ID:
CWE-287 - Improper Authentication
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass authentication process.
The vulnerability exists due to the Argo API does not implement anti-automation measures such as rate limiting, account lockouts, or other anti-bruteforce measures. A remote attacker can submit an unlimited number of authentication attempts without consequence, bypass authentication process and gain unauthorized access to the application.
MitigationInstall updates from vendor's website.
Vulnerable software versionsArgo CD: 1.0.0 - 1.5.0
CPE2.3- cpe:2.3:a:argo:argo-cd:1.0.2:*:*:*:*:kubernetes:*:*
- cpe:2.3:a:argo:argo-cd:1.1.2:*:*:*:*:kubernetes:*:*
- cpe:2.3:a:argo:argo-cd:1.2.5:*:*:*:*:kubernetes:*:*
- cpe:2.3:a:argo:argo-cd:1.3.6:*:*:*:*:kubernetes:*:*
- cpe:2.3:a:argo:argo-cd:1.4.3:*:*:*:*:kubernetes:*:*
- cpe:2.3:a:argo:argo-cd:1.5.0:*:*:*:*:kubernetes:*:*
https://argoproj.github.io/argo-cd/operator-manual/user-management/#disable-admin-user
https://argoproj.github.io/argo-cd/security_considerations/
https://github.com/argoproj/argo/releases
https://www.soluble.ai/blog/argo-cves-2020
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
