CVE-2022-1025
published 2022-07-12CVE-2022-1025: All unpatched versions of Argo CD starting with v1.0.0 are vulnerable to an improper access control bug, allowing a malicious user to potentially escalate…
PriorityP348high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
EPSS
1.11%
61.9th percentile
All unpatched versions of Argo CD starting with v1.0.0 are vulnerable to an improper access control bug, allowing a malicious user to potentially escalate their privileges to admin-level.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| argoproj | argo_cd | 0.5.0 – 2.1.12 | — |
| argoproj | argo_cd | 2.2.0 – 2.2.7 | — |
| argoproj | argo_cd | 2.3.0 – 2.3.1 | — |
| github.com | argoproj_argo-cd | 0.5.0 – 1.8.7 | — |
| github.com | argoproj_argo-cd | >= 0.5.0 | — |
| github.com | argoproj_argo-cd_v2 | >= 0 < 2.1.14 | 2.1.14 |
| github.com | argoproj_argo-cd_v2 | >= 2.2.0 < 2.2.8 | 2.2.8 |
| github.com | argoproj_argo-cd_v2 | >= 2.3.0 < 2.3.2 | 2.3.2 |
CVSS provenance
nvdv3.18.8HIGHCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvdv2.09.0CRITICALAV:N/AC:L/Au:S/C:C/I:C/A:C
vendor_redhat8.8HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
osv·2024-08-21
CVE-2022-1025 Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
Argo CD improper access control bug can allow malicious user to escalate privileges to admin level in github.com/argoproj/argo-cd
GHSA
Argo CD improper access control bug can allow malicious user to escalate privileges to admin level
ghsa·2022-07-13
CVE-2022-1025 [HIGH] CWE-1220 Argo CD improper access control bug can allow malicious user to escalate privileges to admin level
Argo CD improper access control bug can allow malicious user to escalate privileges to admin level
# Impact
## Impacts for versions starting with v1.0.0
All unpatched versions of Argo CD starting with v1.0.0 are vulnerable to an improper access control bug, allowing a malicious user to potentially escalate their privileges to admin-level.
To perform the following exploits, an authorized Argo CD user must have push access to an Application's source git or Helm repository or `sync` and `override` access to an Application. Once a user has that access, different exploitation levels are possible depending on their other RBAC privileges:
1. If that user has `update` access to the Application, they can modify any resource on the Application's destination cluster. If the destination cluster is
OSV
Argo CD improper access control bug can allow malicious user to escalate privileges to admin level
osv·2022-07-13
CVE-2022-1025 [HIGH] Argo CD improper access control bug can allow malicious user to escalate privileges to admin level
Argo CD improper access control bug can allow malicious user to escalate privileges to admin level
# Impact
## Impacts for versions starting with v1.0.0
All unpatched versions of Argo CD starting with v1.0.0 are vulnerable to an improper access control bug, allowing a malicious user to potentially escalate their privileges to admin-level.
To perform the following exploits, an authorized Argo CD user must have push access to an Application's source git or Helm repository or `sync` and `override` access to an Application. Once a user has that access, different exploitation levels are possible depending on their other RBAC privileges:
1. If that user has `update` access to the Application, they can modify any resource on the Application's destination cluster. If the destination cluster is
Red Hat
kernel: heap overflow in nft_set_elem_init()
vendor_redhat·2022-07-02·CVSS 7.8
CVE-2022-34918 [HIGH] CWE-1025 kernel: heap overflow in nft_set_elem_init()
kernel: heap overflow in nft_set_elem_init()
An issue was discovered in the Linux kernel through 5.18.9. A type confusion bug in nft_set_elem_init (leading to a buffer overflow) could be used by a local attacker to escalate privileges, a different vulnerability than CVE-2022-32250. (The attacker can obtain root access, but must start with an unprivileged user namespace to obtain CAP_NET_ADMIN access.) This can be fixed in nft_setelem_parse_data in net/netfilter/nf_tables_api.c.
A heap buffer overflow flaw was found in the Linux kernel’s Netfilter subsystem in the way a user provides incorrect input of the NFT_DATA_VERDICT type. This flaw allows a local user to crash or potentially escalate their privileges on the system.
Mitigation: In order to trigger the issue, it requires the ability
Red Hat
Openshift-Gitops: Improper access control allows admin privilege escalation
vendor_redhat·2022-03-22·CVSS 8.8
CVE-2022-1025 [HIGH] CWE-863 Openshift-Gitops: Improper access control allows admin privilege escalation
Openshift-Gitops: Improper access control allows admin privilege escalation
All unpatched versions of Argo CD starting with v1.0.0 are vulnerable to an improper access control bug, allowing a malicious user to potentially escalate their privileges to admin-level.
A privilege escalation flaw was found in ArgoCD. This flaw allows a malicious user who has push access to an application's source git or Helm repository, or sync and override access, to perform actions they are not authorized to do.
For example, if the attacker has `update` or `delete` access, they can modify or delete any resource on the destination cluster and escalate ArgoCD privileges to the admin level. If the attacker has `get` access, they can view and list actions for any resource on the destination cluster except secret
No detection rules found.
No public exploits indexed.
2022-07-12
Published