6.5

CVE-2024-41666

Exploit

EPSS 0.08%
Published 24.07.2024 18:15:05
Last modified 09.01.2025 16:54:08
Source security-advisories@github.com
Teams watchlist Login
Open Login

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Argo CD has a Web-based terminal that allows users to get a shell inside a running pod, just as they would with kubectl exec. Starting in version 2.6.0, when the administrator enables this function and grants permission to the user `p, role:myrole, exec, create, */*, allow`, even if the user revokes this permission, the user can still perform operations in the container, as long as the user keeps the terminal view open for a long time. Although the token expiration and revocation of the user are fixed, however, the fix does not address the situation of revocation of only user `p, role:myrole, exec, create, */*, allow` permissions, which may still lead to the leakage of sensitive information. A patch for this vulnerability has been released in Argo CD versions 2.11.7, 2.10.16, and 2.9.21.

Affected products Warnungen 0 Metrics 3 CWE 1 References 8

Data is provided by the National Vulnerability Database (NVD)

Argoproj ≫ Argo Cd Version >= 2.6.0 < 2.9.21

Argoproj ≫ Argo Cd Version >= 2.10.0 < 2.10.16

Argoproj ≫ Argo Cd Version >= 2.11.0 < 2.11.7

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.08%	0.238

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	6.5	2.8	3.6	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
security-advisories@github.com	4.7	1.2	3.4	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L

CWE-269 Improper Privilege Management

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

https://drive.google.com/file/d/1Fynj5Sho8Lf8CETqsNXZyPKlTDdmgJuN/view?usp=sharing

Exploit

https://github.com/argoproj/argo-cd/commit/05edb2a9ca48f0f10608c1b49fbb0cf7164f6476

Patch

https://github.com/argoproj/argo-cd/commit/e96f32d233504101ddac028a5bf8117433d333d6

Patch

https://github.com/argoproj/argo-cd/commit/ef535230d8bd8ad7b18aab1ea1063e9751d348c4

Patch

https://github.com/argoproj/argo-cd/security/advisories/GHSA-v8wx-v5jq-qhhw

Vendor Advisory

Exploit

https://nvd.nist.gov/vuln/detail/CVE-2024-41666

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-41666

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-41666

EUVD