Argo CD flaw puts cloud infrastructure at risk

Read Time:30 Second

A high-risk vulnerability that could allow attackers to steal sensitive information secrets from software projects was found and fixed in Argo CD, a widely used continuous delivery platform for applications deployed via Kubernetes.

According to researchers from cloud application security Apiiro, who found and reported the vulnerability, attackers could feed a maliciously crafted Kubernetes application deployment configuration file to Argo that can expose files, environment settings and secret tokens from the central repository server. This could potentially lead to privilege escalation and further lateral movement into the organization’s cloud infrastructure.

To read this article in full, please click here

Generated by Feedzy

Cyber Security News

Friday Squid Blogging: Creating Batteries Out of Squid Cells

A Hacker’s Mind News

Critical flaw in WooCommerce can be used to compromise WordPress websites

Spot and Remove Viruses from Your Android Phone

CISA Unveils Ransomware Notification Initiative

WooCommerce Patches Critical Plugin Flaw Affecting Half a Million Sites

GitHub Updates Security Protocol For Operations Over SSH

Cyberpion rebrands as Ionix, offering new EASM visibility improvements

Mobile Myths: Can My Apple Devices Get Hacked?