Argo CD vulnerable to Bypassing of Rate Limit and Brute Force Protection Using Cache Overflow

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Prior to versions 2.8.13, 2.9.9, and 2.10.4, an attacker can effectively bypass the rate limit and brute force protections by exploiting the application's weak cache-based mechanism. This loophole in security can be combined with other vulnerabilities to attack the default admin account. This flaw undermines a patch for CVE-2020-8827 intended to protect against brute-force attacks. The application's brute force protection relies on a cache mechanism that tracks login attempts for each user. This cache is limited to a `defaultMaxCacheSize` of 1000 entries. An attacker can overflow this cache by bombarding it with login attempts for different users, thereby pushing out the admin account's failed attempts and effectively resetting the rate limit for that account. This is a severe vulnerability that enables attackers to perform brute force attacks at an accelerated rate, especially targeting the default admin account. Users should upgrade to version 2.8.13, 2.9.9, or 2.10.4 to receive a patch.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

过多认证尝试的限制不恰当

Argo CD 安全漏洞

Argo CD是一个应用软件。用于Kubernetes的声明性GitOps连续交付工具。它持续监控正在运行的应用程序并将当前的实时状态与所需的目标状态（例如 Git 仓库中的配置）进行比较，在 Git 仓库更改时自动同步和部署应用程序。 Argo CD 2.8.13、2.9.9、2.10.4 之前版本存在安全漏洞，该漏洞源于允许攻击者利用程序薄弱的缓存机制，绕过速率限制和保护。

N/A

N/A