Argo CD vulnerability leaks sensitive info from Kubernetes apps

A vulnerability in Argo CD, used by thousands of orgs for deploying applications to Kubernetes, can be leveraged in attacks to disclose sensitive information such as passwords and API keys. Tracked as CVE-2022-24348, the path-traversal flaw was discovered by the security research team at Apiiro and can lead to privilege escalation, information disclosure, and lateral movement attacks.

Read full article on Bleeping Computer

 


Date:

Categorie(s):