Three New Critical Vulnerabilities Uncovered in Argo


Security researchers have discovered three critical vulnerabilities within Argo, a popular GitOps continuous delivery tool used in Kubernetes setups. 

The vulnerabilities, identified by KTrust’s in-house researchers, pose significant risks to system security, including bypassing rate limit and brute force protection mechanisms, triggering denial of service (DoS) attacks and compromising user account safety.

The first vulnerability, CVE-2024-21662, involves bypassing rate limit and brute force protection by overloading the cache system, thereby resetting the protections and leaving the system vulnerable to attacks. 

“Researchers at KTrust exploited this limitation by inundating the system with login attempts across various user accounts,” the company wrote.

“This flood of attempts exceeded the cache’s capacity, forcing it to discard older entries, including the failed login attempts of the admin account.”

The second vulnerability, CVE-2024-21652, exploits a combination of weaknesses to bypass brute force protection through application crashes, resulting in the loss of in-memory data and allowing repeated login attempts without restriction. 

The third vulnerability, CVE-2024-21661, presents a high-severity risk. It allows for DoS attacks due to improper array manipulation in a multi-threaded environment.

“This flaw exists in the application’s coding practices. It occurs when an array is modified concurrently as it’s being iterated over.” KTrust explained.

Read more on Kubernetes security: Over Half of Users Report Kubernetes/Container Security Incidents

According to Nadav Aharon-Nov, the CTO and co-founder of KTrust, the vulnerabilities were reported to Argo in September 2023. Argo is reportedly planning to address these issues in an upcoming version of its product. 

“This discovery highlights our ability to exploit vulnerabilities in systems believed to be secure and serves as a critical reminder for developers and security professionals to continuously update and strengthen their security protocols,” the executive added.

“Addressing this loophole swiftly is essential to prevent potential security breaches in affected systems.”

At the time of writing, despite contact attempts by Infosecurity, Argo has not provided an immediate response regarding these vulnerabilities.

Tactics to defend Kubernetes environments include implementing robust access controls, regularly updating software components, employing network segmentation and conducting regular security audits and assessments.



Source link