Argo CD flaw puts cloud infrastructure at risk

A high-risk vulnerability that could allow attackers to steal sensitive information secrets from software projects was found and fixed in Argo CD, a widely used continuous delivery platform for applications deployed via Kubernetes.

According to researchers from cloud application security Apiiro, who found and reported the vulnerability, attackers could feed a maliciously crafted Kubernetes application deployment configuration file to Argo that can expose files, environment settings and secret tokens from the central repository server. This could potentially lead to privilege escalation and further lateral movement into the organization’s cloud infrastructure.

How does Argo work and what causes the issue?

Argo CD is an open-source, community maintained declarative, GitOps continuous delivery tool for Kubernetes environments. Argo allows developers to keep their deployed applications in sync with different states of the code in a central Git repository server.

“Argo CD automates the deployment of the desired application states in the specified target environments,” the project explains. “Application deployments can track updates to branches, tags, or pinned to a specific version of manifests at a Git commit.”

Argo runs as a kubernetes controller that continuously monitors the state of the deployed applications and compares their live states to the desired state from the Git repository. When applications deviate from the desired state it will flag it as “out of sync” and will offer various options to correct it, either automatic or manual.

Argo supports various application deployment definitions through other tools: Kustomize, a tool for defining Kubernetes configurations; Ksonnet, a framework for writing, sharing, and deploying Kubernetes application manifests; Jsonnet, a configuration language from Google that’s an extension to JSON and is used to define data templates; plain YAML/json manifests; Kubernetes Helm charts; and any custom config management tool that is integrated with Argo as a plug-in.

The newly patched vulnerability, tracked as CVE-2022-24348, takes advantage of how Argo interacts with Kubernetes Helm. Helm is a package manager that allows deploying packaged applications via Kubernetes. It is similar to the apt or yum application managers on Linux.

“A Helm chart is a YAML file that embeds different fields to form a declaration of resources and configurations needed in order for deploying an application,” the Apiiro researchers explained in an advisory. “The application in question can contain values of many sorts, one of those types can contain file names and relative paths to self-contained application parts in other files.”

The issue stems from the ability to include relative paths in the Helm chart files that could cause Argo to import files into the context of the defined application from directories on the Git server that do not belong to that application. This is known as path traversal and the Argo developers realized the danger in 2019, which is why they implemented checks to prevent such attacks in a file called ​​util/security/path_traversal.go. This mechanism is supposed to sanitize the source path input, but the Apiiro researchers discovered a way to bypass it.

This is because of another function called ParseRequestURI that parses raw URLs into proper structure. According to the Argo documentation, they function “assumes that the URL was received in an HTTP request, so the URL is interpreted only as an absolute URI or an absolute path. The string URL is assumed not to have a #fragment suffix.”

“Because the default behavior of the function is to take for granted that it receives an HTTP request, it can be an absolute path of a URL like /directory/values.yaml (take special notice of the prefixed backslash on the path),” the researchers explained. “When looking at it as a URL, it passes the sanity test but is an absolute file-path. Because the reposerver uses a monolithic and deterministic file-structure, all the other out-of-bound applications have a definite and predictable format and path.”

This means attackers can assemble concatenated direct calls to a values.yaml file that is outside the application and other applications use to store secret and sensitive values. “If an attacker with permissions to create or update applications knows or can guess the full path to a file containing valid YAML, they can create a malicious Helm chart to consume that YAML as values files, thereby gaining access to data they would otherwise have no access to,” the Argo developers explained in their advisory.

The flaw is rated as high severity with a CVSS score of 7.7 out of 10, but the developers note that the impact can become critical in environments that use encryption to protect value files and decrypt their secrets to disk before rendering the Helm chart. The flaw can also be used to enumerate all files on the repository servers by taking advantage of the error messages passed back to the user.

All versions of Argo CD are affected and patches have been released for releases 2.3.0, 2.2.4 and 2.1.9. It’s worth noting that Argo CD 2.3 is not a final release, but currently in the release candidate (RC) stage and brings many other changes as well.

Considering the rise of software supply chain attacks in popularity among hackers, vulnerabilities in tools that are used in software development or associated infrastructure like build servers and CI/CD should be treated very seriously. Attackers can take advantage of these vulnerabilities to compromise a software developer’s infrastructure to inject malicious code into their applications which then get distributed to users.