CVE-2023-40025

CVSS 3.1 Score 7.1 of 10 (high)

Details

Published: Aug 23, 2023
Updated: Aug 7, 2024
CWE ID 613

Summary

CVE-2023-40025 is a vulnerability in Argo CD, a popular Kubernetes continuous delivery tool, affecting versions starting from 2.6.0. Open web terminal sessions do not expire, so a user can keep sending websocket messages to the terminal even after their authentication token has expired. This poses a significant risk: a user who leaves the terminal view open for an extended period retains access to sensitive information after their session should have ended. The most straightforward attack scenario is simply to continue using an already-open terminal session after the token has expired. Argo CD has released patches for this vulnerability in versions 2.6.14, 2.7.12, and 2.8.1; users are advised to update their Argo CD installations to the latest patched versions to mitigate this risk.
