cve-2024-21661
Vulnerability from cvelistv5
Published
2024-03-18 18:32
Modified
2024-08-02 15:09
Severity
7.5 (High) - cvssV3_1 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
Argo CD Denial of Service (DoS) Vulnerability Due to Unsafe Array Modification in Multi-threaded Environment
References
SourceURLTags
security-advisories@github.comhttps://github.com/argoproj/argo-cd/blob/54601c8fd30b86a4c4b7eb449956264372c8bde0/util/session/sessionmanager.go#L302-L311
security-advisories@github.comhttps://github.com/argoproj/argo-cd/commit/2a22e19e06aaf6a1e734443043310a66c234e345
security-advisories@github.comhttps://github.com/argoproj/argo-cd/commit/5bbb51ab423f273dda74ab956469843d2db2e208
security-advisories@github.comhttps://github.com/argoproj/argo-cd/commit/ce04dc5c6f6e92033221ec6d96b74403b065ca8b
security-advisories@github.comhttps://github.com/argoproj/argo-cd/security/advisories/GHSA-6v85-wr92-q4p7
Impacted products
VendorProduct
argoprojargo-cd
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T22:27:35.875Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-6v85-wr92-q4p7",
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-6v85-wr92-q4p7"
          },
          {
            "name": "https://github.com/argoproj/argo-cd/commit/2a22e19e06aaf6a1e734443043310a66c234e345",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/argoproj/argo-cd/commit/2a22e19e06aaf6a1e734443043310a66c234e345"
          },
          {
            "name": "https://github.com/argoproj/argo-cd/commit/5bbb51ab423f273dda74ab956469843d2db2e208",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/argoproj/argo-cd/commit/5bbb51ab423f273dda74ab956469843d2db2e208"
          },
          {
            "name": "https://github.com/argoproj/argo-cd/commit/ce04dc5c6f6e92033221ec6d96b74403b065ca8b",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/argoproj/argo-cd/commit/ce04dc5c6f6e92033221ec6d96b74403b065ca8b"
          },
          {
            "name": "https://github.com/argoproj/argo-cd/blob/54601c8fd30b86a4c4b7eb449956264372c8bde0/util/session/sessionmanager.go#L302-L311",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/argoproj/argo-cd/blob/54601c8fd30b86a4c4b7eb449956264372c8bde0/util/session/sessionmanager.go#L302-L311"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:argoproj:argo-cd:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "argo-cd",
            "vendor": "argoproj",
            "versions": [
              {
                "lessThan": "2.8.13",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "2.9.9",
                "status": "affected",
                "version": "2.9.0",
                "versionType": "custom"
              },
              {
                "lessThan": "2.10.4",
                "status": "affected",
                "version": "2.10.0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-21661",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-03-19T14:24:28.870844Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-02T15:09:39.868Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "argo-cd",
          "vendor": "argoproj",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 2.8.13"
            },
            {
              "status": "affected",
              "version": "\u003e= 2.9.0, \u003c 2.9.9"
            },
            {
              "status": "affected",
              "version": "\u003e= 2.10.0, \u003c 2.10.4"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Prior to versions 2.8.13, 2.9.9, and 2.10.4, an attacker can exploit a critical flaw in the application to initiate a Denial of Service (DoS) attack, rendering the application inoperable and affecting all users. The issue arises from unsafe manipulation of an array in a multi-threaded environment. The vulnerability is rooted in the application\u0027s code, where an array is being modified while it is being iterated over. This is a classic programming error but becomes critically unsafe when executed in a multi-threaded environment. When two threads interact with the same array simultaneously, the application crashes. This is a Denial of Service (DoS) vulnerability. Any attacker can crash the application continuously, making it impossible for legitimate users to access the service. The issue is exacerbated because it does not require authentication, widening the pool of potential attackers. Versions 2.8.13, 2.9.9, and 2.10.4 contain a patch for this issue."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "CWE-787: Out-of-bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-03-18T18:32:24.871Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-6v85-wr92-q4p7",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-6v85-wr92-q4p7"
        },
        {
          "name": "https://github.com/argoproj/argo-cd/commit/2a22e19e06aaf6a1e734443043310a66c234e345",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/argoproj/argo-cd/commit/2a22e19e06aaf6a1e734443043310a66c234e345"
        },
        {
          "name": "https://github.com/argoproj/argo-cd/commit/5bbb51ab423f273dda74ab956469843d2db2e208",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/argoproj/argo-cd/commit/5bbb51ab423f273dda74ab956469843d2db2e208"
        },
        {
          "name": "https://github.com/argoproj/argo-cd/commit/ce04dc5c6f6e92033221ec6d96b74403b065ca8b",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/argoproj/argo-cd/commit/ce04dc5c6f6e92033221ec6d96b74403b065ca8b"
        },
        {
          "name": "https://github.com/argoproj/argo-cd/blob/54601c8fd30b86a4c4b7eb449956264372c8bde0/util/session/sessionmanager.go#L302-L311",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/argoproj/argo-cd/blob/54601c8fd30b86a4c4b7eb449956264372c8bde0/util/session/sessionmanager.go#L302-L311"
        }
      ],
      "source": {
        "advisory": "GHSA-6v85-wr92-q4p7",
        "discovery": "UNKNOWN"
      },
      "title": "Argo CD Denial of Service (DoS) Vulnerability Due to Unsafe Array Modification in Multi-threaded Environment"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2024-21661",
    "datePublished": "2024-03-18T18:32:24.871Z",
    "dateReserved": "2023-12-29T16:10:20.367Z",
    "dateUpdated": "2024-08-02T15:09:39.868Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-21661\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2024-03-18T19:15:06.687\",\"lastModified\":\"2024-03-18T19:40:00.173\",\"vulnStatus\":\"Awaiting Analysis\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Prior to versions 2.8.13, 2.9.9, and 2.10.4, an attacker can exploit a critical flaw in the application to initiate a Denial of Service (DoS) attack, rendering the application inoperable and affecting all users. The issue arises from unsafe manipulation of an array in a multi-threaded environment. The vulnerability is rooted in the application\u0027s code, where an array is being modified while it is being iterated over. This is a classic programming error but becomes critically unsafe when executed in a multi-threaded environment. When two threads interact with the same array simultaneously, the application crashes. This is a Denial of Service (DoS) vulnerability. Any attacker can crash the application continuously, making it impossible for legitimate users to access the service. The issue is exacerbated because it does not require authentication, widening the pool of potential attackers. Versions 2.8.13, 2.9.9, and 2.10.4 contain a patch for this issue.\"},{\"lang\":\"es\",\"value\":\"Argo CD es una herramienta declarativa de entrega continua de GitOps para Kubernetes. Antes de las versiones 2.8.13, 2.9.9 y 2.10.4, un atacante pod\u00eda explotar una falla cr\u00edtica en la aplicaci\u00f3n para iniciar un ataque de denegaci\u00f3n de servicio (DoS), dejando la aplicaci\u00f3n inoperable y afectando a todos los usuarios. El problema surge de la manipulaci\u00f3n insegura de una matriz en un entorno de subprocesos m\u00faltiples. La vulnerabilidad tiene su origen en el c\u00f3digo de la aplicaci\u00f3n, donde se modifica una matriz mientras se itera sobre ella. Este es un error de programaci\u00f3n cl\u00e1sico, pero se vuelve cr\u00edticamente inseguro cuando se ejecuta en un entorno de subprocesos m\u00faltiples. Cuando dos subprocesos interact\u00faan con la misma matriz simult\u00e1neamente, la aplicaci\u00f3n falla. Esta es una vulnerabilidad de denegaci\u00f3n de servicio (DoS). Cualquier atacante puede bloquear la aplicaci\u00f3n continuamente, imposibilitando que los usuarios leg\u00edtimos accedan al servicio. El problema se agrava porque no requiere autenticaci\u00f3n, lo que ampl\u00eda el grupo de atacantes potenciales. Las versiones 2.8.13, 2.9.9 y 2.10.4 contienen un parche para este problema.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]}],\"references\":[{\"url\":\"https://github.com/argoproj/argo-cd/blob/54601c8fd30b86a4c4b7eb449956264372c8bde0/util/session/sessionmanager.go#L302-L311\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/argoproj/argo-cd/commit/2a22e19e06aaf6a1e734443043310a66c234e345\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/argoproj/argo-cd/commit/5bbb51ab423f273dda74ab956469843d2db2e208\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/argoproj/argo-cd/commit/ce04dc5c6f6e92033221ec6d96b74403b065ca8b\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/argoproj/argo-cd/security/advisories/GHSA-6v85-wr92-q4p7\",\"source\":\"security-advisories@github.com\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.