nvd-json-data-feeds/CVE-2022/CVE-2022-243xx/CVE-2022-24348.json

{
  "id": "CVE-2022-24348",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2022-02-04T21:15:08.103",
  "lastModified": "2022-02-09T13:53:54.777",
  "vulnStatus": "Analyzed",
  "descriptions": [
    {
      "lang": "en",
      "value": "Argo CD before 2.1.9 and 2.2.x before 2.2.4 allows directory traversal related to Helm charts because of an error in helmTemplate in repository.go. For example, an attacker may be able to discover credentials stored in a YAML file."
    },
    {
      "lang": "es",
      "value": "Argo CD versiones anteriores a 2.1.9 y versiones 2.2.x anteriores a 2.2.4, permite un salto de directorios relacionado con los gr\u00e1ficos de Helm debido a un error en helmTemplate en el archivo repository.go. Por ejemplo, un atacante puede ser capaz de detectar las credenciales almacenadas en un archivo YAML"
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "LOW",
          "userInteraction": "NONE",
          "scope": "CHANGED",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 7.7,
          "baseSeverity": "HIGH"
        },
        "exploitabilityScore": 3.1,
        "impactScore": 4.0
      }
    ],
    "cvssMetricV2": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
          "accessVector": "NETWORK",
          "accessComplexity": "LOW",
          "authentication": "SINGLE",
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.0
        },
        "baseSeverity": "MEDIUM",
        "exploitabilityScore": 8.0,
        "impactScore": 2.9,
        "acInsufInfo": false,
        "obtainAllPrivilege": false,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": false
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-22"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:linuxfoundation:argo-cd:*:*:*:*:*:*:*:*",
              "versionEndExcluding": "2.1.9",
              "matchCriteriaId": "3212FE39-38D2-4CEE-B415-6EC37264BB5A"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:linuxfoundation:argo-cd:*:*:*:*:*:*:*:*",
              "versionStartIncluding": "2.2.0",
              "versionEndExcluding": "2.2.4",
              "matchCriteriaId": "6FB62CE6-51A7-4D74-9FCF-3B6EE02CCA3E"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://apiiro.com/blog/malicious-kubernetes-helm-charts-can-be-used-to-steal-sensitive-information-from-argo-cd-deployments/",
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ]
    },
    {
      "url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-63qx-x74g-jcr7",
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ]
    }
  ]
}