New Argo CD Bug Could Let Hackers Steal Secret Info from Kubernetes Apps
Users of the Argo continuous deployment tool for Kubernetes are being urged to push through updates after a zero-day vulnerability was found that could allow an attacker to extract sensitive information such as passwords and API keys.
The path-traversal vulnerability "Allows malicious actors to load a Kubernetes Helm Chart YAML file to the vulnerability and 'hop' from their application ecosystem to other applications' data outside of the user's scope," Moshe Zioni, Apiiro's VP of security research, said.
Bad actors can exploit the vulnerability by loading a malicious Kubernetes Helm chart YAML file onto the target system (Helm is a package manager, and a chart specifies the collection of Kubernetes resources required to deploy an application), allowing the retrieval of confidential information from other apps.
Successful exploitation of the defect could have serious consequences, ranging from privilege escalation and sensitive information disclosure to lateral movement and the exfiltration of tokens from other applications.
The software supply chain has emerged as a major security threat in the wake of the attacks involving SolarWinds, Kaseya, and Log4j in recent years.
In July 2021, Intezer disclosed that attackers were taking advantage of misconfigured Argo Workflows instances to drop cryptominers in Kubernetes clusters.
News URL: https://thehackernews.com/2022/02/new-argo-cd-bug-could-let-hackers-steal.html