CVE-2022-31105 — HIGH (8.3)

Q: How severe is CVE-2022-31105?

CVE-2022-31105 has been rated HIGH with a CVSS base score of 8.3/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2022-31105?

Check the references section above for vendor advisories and patch information. Affected products include: Argoproj Argo Cd, Linuxfoundation Argo-Cd.

Vulnerability Description

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Argo CD starting with version 0.4.0 and prior to 2.2.11, 2.3.6, and 2.4.5 is vulnerable to an improper certificate validation bug which could cause Argo CD to trust a malicious (or otherwise untrustworthy) OpenID Connect (OIDC) provider. A patch for this vulnerability has been released in Argo CD versions 2.4.5, 2.3.6, and 2.2.11. There are no complete workarounds, but a partial workaround is available. Those who use an external OIDC provider (not the bundled Dex instance), can mitigate the issue by setting the `oidc.config.rootCA` field in the `argocd-cm` ConfigMap. This mitigation only forces certificate validation when the API server handles login flows. It does not force certificate verification when verifying tokens on API calls.

CVSS Score

8.3

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Argoproj	Argo Cd	>= 2.3.0, < 2.3.6
Linuxfoundation	Argo-Cd	>= 0.4.0, < 2.2.11

Related Weaknesses (CWE)

CWE-295 CWE-599

References

https://github.com/argoproj/argo-cd/releases/tag/v2.3.6Release NotesThird Party Advisory
https://github.com/argoproj/argo-cd/releases/tag/v2.4.5Release NotesThird Party Advisory
https://github.com/argoproj/argo-cd/security/advisories/GHSA-7943-82jg-wmw5Third Party Advisory
https://github.com/argoproj/argo-cd/releases/tag/v2.3.6Release NotesThird Party Advisory
https://github.com/argoproj/argo-cd/releases/tag/v2.4.5Release NotesThird Party Advisory
https://github.com/argoproj/argo-cd/security/advisories/GHSA-7943-82jg-wmw5Third Party Advisory

FAQ

What is CVE-2022-31105?

CVE-2022-31105 is a vulnerability with a CVSS score of 8.3 (HIGH). Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Argo CD starting with version 0.4.0 and prior to 2.2.11, 2.3.6, and 2.4.5 is vulnerable to an improper certificate validation ...

How severe is CVE-2022-31105?

CVE-2022-31105 has been rated HIGH with a CVSS base score of 8.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2022-31105?

Check the references section above for vendor advisories and patch information. Affected products include: Argoproj Argo Cd, Linuxfoundation Argo-Cd.