►
From YouTube: Dissecting the Discovery of the 0-Day Supply Chain Vulnerability in Argo CD - Moshe Zioni, Apiiro
Description
Dissecting the Discovery of the 0-Day Supply Chain Vulnerability in Argo CD - Moshe Zioni, Apiiro
The Security Researcher who discovered the 0-day vulnerability in Argo CD (CVE-2022-24348) will walk through the details of the vulnerability and the process that led to the finding. The discussion will include a deep-dive into: * How an attacker could circumvent Argo CD’s defenses to exploit the vulnerability and steal sensitive information * Remediation steps, and * Why the vulnerability matters to the ecosystem.
A
B
Thank
you
so
hello.
Everyone.
Thank
you
for
the
introduction.
I'm
honored
I'm
pretty
excited
to
be
here.
To
be
honest,
this
is
the
first
time
since
kovi
that
I'm
actually
speaking
to
a
crowd.
So
that's
amazing
by
itself
and
thank
you
for
being
here
we're
going
to
dissect
the
discovery
of
the
agua
city
supply
chain
attack.
First
of
all,
my
name
is
mushatsiyoni.
I
said
vp
of
security
research
at
apiro,
doing
appsec
security
for
the
past
20
plus
years
on
multiple
fields.
B
What
are
we
going
to
go
over
today
is,
first
of
all,
to
lay
the
ground
for
the
upcoming
items
of
what
is
ago
cd,
we're
not
going
to
go
full
of
a
full
course
of
what
is
adversity,
but
just
the
basics
that
will
have
a
common
ground
to
start
from
to
understand
what
is
the
the
attack
originated
from?
Why
does
the
vulnerability
that
we
are
going
to
discuss
here
matters,
maybe
more
than
than
other
vulnerabilities,
maybe
not
and
then
going
through
the
discovery
itself?
B
What
led
to
the
discovery
of
it
eventually,
of
course,
to
tie
the
knot
over
on
everything,
we're
going
to
discuss
the
attack
scenario
and
some
extended
scenarios
that,
to
be
honest,
we
didn't
discuss
up
until
now
and
then
go
through
remediation
steps
and
suggestions
that
we
can
go
with
long
term
remediations
as
well
for
the
better
of
the
agua
city
project
and
maybe
other
projects
we're
going
to
sum
up
everything
and,
of
course
I
hope
that
we'll
have
some
time
for
q
a
so,
let's
start
with
the
basics.
What
is
argo
cd?
B
As
said
argo
cd
is
a
cncf
project,
it's
covering
github's
automations
and
by
that
continuous
delivery,
specifically
in
open
source,
of
course,
which
is
pretty
unique
in
this
arena.
Most
of
the
cd
systems
are
not
open
source
and
agua
city
is
maybe
the
the
most
prominent
example
of
that
as
an
open
source
project.
B
Then
it's
also
true
cloud
native
meaning
that
it's
built
for
the
cloud
it's
built
to
be
on
kubernetes
itself
and
by
that
the
platform
is
very
native
to
many
cloud
native
native
for
many
cloud
applications
that
would
like
to
have
this
kind
of
packaging
on
common
languages
manifests
and
tools.
The
project
itself
is
using
multiple,
very
common,
open
source
projects
by
itself
like
jsonnet,
casenet,
helm,
charts,
especially
and
by
that
this
is
this,
is
makes
the
curve
of
loading
and
implementing
algo
city
a
very,
very
efficient
one.
And
lastly,
it
is.
B
If
we
have
a
role-based
authentication
or
we
have
something
else,
how
do
we
deploy
those
kind
of
instances,
especially
when
we
are
discussing
different
environments?
That's
where
github
comes
into
place,
because
we
need
to
tweak
those
kind
of
variables
and
by
that
needs
to
be
automated,
or
at
least
as
full
as
we
can
to
be
automated,
and
by
that
argo
is
providing
this
kind
of
health
monitoring
as
well
to
those
kind
of
instances
secrets
management
is
part
of
the
advocacy,
I
would
say
umbrella
term,
not
specifically
for
the
for
the
argo
cd
project.
B
There
are
several
plugins
and
stuff
that
are
connected
to
the
audio
cd
ecosystem.
That
will
provide
you
with
secret
management
within
it.
But
if
not
you,
you
also
have
the
native
way
of
of
managing
the
the
secrets
and
we
are
going
to
get
deeper
into
that
because
that's
the
culprit
of
the
vulnerability.
B
Lastly,
it
is
widely
connected
to
different
ci
and
other
sas
systems,
and
that's
why
agua
city
is
so
good
for
many
purposes.
Why
does
the
cve
that
we
are
discussing
right
now?
2022
24348
is
important
or
matters
for
us,
especially
for
me,
and
we
as
we
are.
We
are
discussing
with
many
of
our
contacts
about
supply
chain
attacks
and,
of
course,
this
has
been
trending
on
the
news,
but
more
than
that,
it's
there
is
a
specific,
the
specific
item
of
why
it's
being
trending
the.
B
Why
is
that
we
have
much
more
detections
and
we
are
much
much
more
aware
and
for
me
this
is
an
awareness
act
like
being
into
the
discussing
the
supply
chain
attack
is
very,
very
important.
That's
not
to
say
that
this
vulnerability
is
the
mega
vulnerability
of
everything.
It's
not.
That
said,
it
is
a
high
impact
vulnerability
and
should
be
discussed
in
a
very
serious
manner,
but
not
to
examine
or
exaggerate
or
over
hyping
it.
B
It
is
not
a
something
that
you
need
to
call
home
right
now
and
to
understand
if
you
have
something
take
the
time
to
understand,
if
you
have
the
limitations
and
we'll
discuss
remediation
at
the
end,
a
pattern
that
it
targets
the
critical
aspects
of
a
supply
chain,
not
that
not
just
a
supply
chain
attack,
but
it
also
covers
the
cd
system
by
that
it
comes
with
a
very
native
way
of
attacking
that.
So
that
means
that
you
do
not
need
a
special
port
to
be
open.
B
You
don't
need
something
that
is
out
of
the
default,
but
you
need
some
some
instances
of
algo
cd
that
will
be
discussed
further
and
by
that
kind
of
infrastructure.
That
makes
this
very,
very
much
interesting
and
and
complying
to
the
trend
of
not
just
attacking
the
supply
chain
attack,
but
also
by
the
supply
chain
infrastructure
and,
lastly,
on
this
kind
of
list
of
why
why
it
matters?
B
Lastly,
on
this
slide,
the
developability
encompasses
a
lot
of
what
we
discussed
so
far
about
the
cicd
systems
and
its
culprits,
and
why
it's
very
important
for
us
to
follow
up
on
those
kind
of
attacks.
It's
it
was
that
it
was
fixed
on
january.
This
year
and
since
then,
we
have
seen
much
more
interest
about
supply
chain,
not
because
of
that,
but
we
see
more
and
more
instances
of
those
kind
of
attacks
happening
because
it's
a
very
lucrative
attack
path
for
attackers
in
terms
of
merely
roi.
B
Lastly,
as
we
will
see
this,
this
specific
vulnerability
was
actually
predicted
by
the
developers,
so
developers
were
were
ready
for
this
kind
of
attacks,
at
least
in
the
metagame,
so
they
will
be
able
to
to
comply
with
that.
That
said,
of
course,
nothing
is
perfect
and
by
that
we
found
a
way
of
circumventing
this
kind
of
of
defense
and
throating
it
all
together.
B
So
let's
discuss
the
discovery
itself,
how
the
racist
strategy
goes
nothing
more
different
than
anything
else.
That
said,
there
is
maybe
some
basics
that
that
researchers
can
can
agree
on
what
is
the
basic
research
routine?
I
split
into
three
just
for
convenience,
but
this
this
is
more
of
a
personal
thing,
but
again
we
are
going
over
that,
but
in
general
we
go
through
a
phase
called
exploration.
We
just
want
to
skim
through
and
to
understand
the
ecosystem
to
understand
the
the
code
base.
B
We
can't
go
through
the
old
code
base.
You
can
do
that,
but
it's
first
of
all,
it's
very
boring
process
and
it's
more
of
a
automating
process,
but
more
than
that,
it's
not
efficient
for
you
to
discuss.
Actually
what
needs
to
be
secure
to
have
security
reviews.
You
will
have
to
consider
what
what
is
deserving
security
review.
B
That
means
that
you
have
some
kind
of
a
risk
level
for
each
commit,
maybe
to
each
feature
that
you
have,
and
by
that,
the
to
enforce
the
security
review
on
those
specifically
to
some
degree
that
you
would
like,
and
by
that
you'll,
be
much
more
efficient
and
that's
exactly
what
we
did
right
now
we
were
here.
We
are,
we
understood
what
is
going
on?
B
We
we
actually
go
through
the
tutorials
themselves
and
build
the
model,
meaning
that
we
have
those
we
actually
have
instances
of
of
aqua
cd
at
our
lab
and
by
that
trying
to,
of
course
play
with
that
a
very
basic
routine,
but
but
more
than
that
to
understand
what
is
extended
to
this
kind
of
ecosystem,
what
kind
of
plugins
there
are?
What
is
the
default
systems?
What
kind
of
tweaks
you
can
go
through?
What
is
the
basic
things
that
many
people
are
going
through
once
the
using
ago
city?
B
This
is
an
important
part,
because,
first
of
all,
once
you
have
a
vulnerability.
You
would
like
to
ask
yourselves
how
common
this
vulnerability
is,
how
scary
it
is,
and
second,
if
not
common,
what
kind
of
scenarios
will
will
will
need
to
be
will
need
to
be
converged
into
the
issue
that
is
is
handled
right
here
and
by
that
the
vulnerability
will
take
effect
or
maybe
a
greater
effect
than
before.
B
All
the
logic
would
like
to
attack
and
remember
once
we
someone
discussing
the
vulnerability,
many
turn
to
talking
about
the
the
actual
vector
of
attack
like
a
remote
or
crude
execution
or
the
helm
charts.
But
that's
that's
merely
important
if
you
don't
have
the
realization
of
what
is
the
the
business
logic
you
are
going
to
attack,
so
the
use
cases
are
based
on
business
logic,
mostly
most
of
the
time,
and
by
that
you
are
following
up
with
the
dive
into
the
mechanics
of
those
kind
of
business
logics.
B
Some
very
very
basics,
maybe
terminologies
here
sources
and
six
is
very
important
part
of
it
to
understand.
Once
you
have
this
kind
of
use
cases,
you
would
like
to
see
where,
where
what
kind
of
impact
it
can
have
at
a
maximum
like
what
are
the
think
of
it,
that's
called
sync
because
the
function
itself
sinks
into
something
like
file
system-
maybe
some
maybe
some
kind
of
a
network,
traffic
etc.
B
But
the
source
itself
is
the
input
that
you
are
providing
so
from
now
on,
I'm
going
to
call
to
call
it
input
parsing,
just
for
the
sake
of
it,
but
remember
this
is
a
very
thorough
method
that
will
that
everyone
has.
And
lastly,
development
history
is
very
important,
because
you
have
much
more
context.
B
You
cover
you
are
covering
that
as
part
of
your
exploration,
but
once
you
have
this
kind
of
homing
down
into
specific
use
cases
and
by
the
dipping
diving
into
those
kind
of
mechanics,
you
will
also
want
to
have
a
very
good
understanding
of
what
what
followed
until
now
to
understand
what
kind
of
development
history
were
under
those
kind
of
features
and
unless
they
had
said
what
is
passing
the
sniff
test.
What
this
is
more
of
an
experienced
thing,
but
it's
it's
a
necessary
to
understand
what
kind
of
attacks
are.
B
If
you
have,
the
common
input
of
the
helm
chart
is
providing
you
with
all
the
manifest
that
you
need,
and
then
we
found
out
that
the
an
actual
discussion
that
went
on
the
thread
themselves
about
something
called
the
value
files
on
helm
chart.
This
is
a
very
specific
part
of
the
standard
that
the
value
fields
is
a
list
of
values
that
will
give
you
either.
Excuse
me
value
files,
give
you
a
list
of
file
paths.
B
So
if
you
have
the
value
files
list
there,
the
actual
thing
that
will
happen
by
the
argo
cd
is
that
they
will
take
those
kind
of
strings
and
going
to
search
search
for
those
kind
of
files
or
websites
and
read
those
values
from
there.
The
values
can
be
by
the
way,
either
json
or
any
kind
of
yaml,
and
by
that
you
can
you
have
some
variability
about
what
can
be
controlled
by
those
kind
of
value
files.
B
Now,
why
it's
interesting
and
why
it
caught
our
eyes,
because
it's
important
to
understand
that
the
the
actual
repositories
that
are
holding
on
the
agua
cd
system,
the
adversity,
is
split
into
bot
into
pods.
One
of
the
parts
is
called
argo
cd,
repo
server
and
this
reaper
server
is
monolithic,
meaning
it's.
It
has
some
kind
of
a
file
structure,
a
very
deterministic
one,
so
you
can
predict
those
kind
of
file
structures
if
you
know
the
application
name.
B
That's
all
you
need,
and,
and
by
that,
if
you
have
like
kind
some
kind
of
a
path
traversal
to
another
file,
you
can
read
other
files
on
the
systems
now,
fortunately
enough
on
the
common
system
of
argo
cd,
there
is
no
yaml
or
json
file
that
you
can
just
read
from
the
system
and
gain
some
some
kind
of
a
god
mode
control.
That
said,
if
the
system
is
multi-tenant
and
multi-user
as
many
many
of
the
common
infrastructures
are,
you
can
potentially
maybe
read
other
files
on
the
system.
Now,
that's
why
it's
interesting.
B
That
said
the
it
wasn't
also
interesting
just
for
us.
It
was
interesting
for
these
developers
in
2019.
We
found
the
thread.
That
was
what
that
was
discussing.
That's
exactly
the
the
exact
case
of
this
kind
of
exploitation,
one
for
one,
the
developer
wrote.
What
is
concerning
me
here
is
this
type
of
behavior
can
be
used
as
a
directory
reversal
attack
and
he
is
completely
right.
Potentially
this
can
this
can
be
used
as
a
traversal
attack.
B
B
Let's
map
out
what
kind
of
sanity
checks
are
going
on
on
this
system
and
and
by
that
also,
how
can
we
foil
that
so,
first
of
all,
there
is
one
file
named
path
traversal,
which
you
can.
You
can
of
course
understand
what
it
means
to
do
which
goes
through
several
security
checks
and
the
security
checks
themselves
are
waterfall
based,
so
if
one
it
doesn't
doesn't
doesn't
have
a
tool,
it
becomes
false
in
the
actual
test
it
it
can
be
broken.
It
can
be.
B
Maybe
something
else,
but
they
tried
to
do
it.
It's
a
fail
open,
meaning
that,
once
you
have
something
you
will,
you
will
kill
it
as
much
as
you
can
in
terms
of
cleanup
and
by
in
that,
and
that
way
it
will
be
safe
to
use
most
of
the
time.
So
the
first
phase
and
the
most
important
phase
is
what
is
called
file
path.
Clean
file
path
is
a
golang
library
and
the
clean
is
very
common
way
of
cleaning
up
those
kind
of
strings.
B
B
Okay,
so
those
are
the
the
three
steps
and
by
that
I
omitted
the
the
last
part,
it's
just
going
to
fix
the
trailing
if
it
was
just
a
directory,
it
will
add
a
slash
at
the
end
now
so
far
so
good,
we've
we've
actually
implemented
just
for
research
purposes.
We've
implemented
this
code
a
very
light
one
on
a
different
script
and
we
actually
ran
through
those
kind
of
steps
many
times
on
a
high
level,
debug
system.
B
B
Uri
is
the
thing
that
is
going
to
split
through
what
is
going
to
go
through
path,
traversal
and
what
is
not
other
than
that
it
is
going
to
check
if
the
path
is
absolute
and
not
relative
and
and
and
lastly,
if
the
enforce
the
current
truth
is
happening
or
not
in.
If
it's,
if
it's
not
in
our
current
route,
it's
going
to
change
it
to
current
truth
and
then
load
the
file
and
what's
happening
again.
B
It's
going
to
check
for
the
path
is
absolute:
it's
going
to
go
through
the
security
checks
and
by
that
going
to
return
to
the
to
the
original
code
and
then
load
the
the
value,
the
value
file.
If
it's,
if
all
went
well
now,
why
I
mentioned
the
parse
request.
Uri
is
very,
very
important
because,
as
mentioned
before,
those
kind
of
values
can
have
http
https
values
as
well
and
for
a
good
reason.
Maybe
you
have
those
kind
of
values
somewhere
on
github
and
you
want
to
to
pull
from
there.
B
As
I
said,
maybe
it's
a
different
team.
Maybe
it's
a
different
package
you
would
like
to
load
and
by
that
you
will
have
this
kind
of
control.
This
is
a
very
basic
it
ops
and
very
common
git
ops
request
and
why
it's
important-
because
here
here
is
the
step
that
you
need
to
be
very,
very
careful
and
really
understand
what
is
going
on
so
reading
the
actual
documentation
from
golang
paris
request.
B
B
If
you
noticed
you
can
you
can
you
can
somehow
mix
the
two
and
think
that
the
default
of
parsing,
the
uri,
is
going
going
to
be
the
absolute
path?
But
that's
what
will
happen
if
I'm
going
to
present
an
absolute
path
to
the
2d
parse
request,
uri
simply
put
the
parse
request:
uri
will
think
of
it
as
a
uri
and
by
that
will
not
will
ignore
it
as
an
absolute
path
altogether.
B
So
I'll
be
able
to
input
absolute
pattern,
it
will
never
go
through
the
path
that
reversal
go
functions
and
by
that
that's
pretty
easy.
For
now,
once
you
understand
that
those
kind
of
application
repositories
are
deterministic
that
you
can
first
see
them
in
terms
of,
if
you
have
the
application
name,
you
are
you
can
you
can
contrast,
construct
the
whole
path
to
it
and
by
that
to
read
those
kind
of
secrets,
and
also
not
mentioning
not
mentioning
here
that
the
actual
error
returned?
B
If
you
have
the
time
some
extended
attacks
besides
that,
but
this
is
the
most
important
one
and
common
one
in
our
discussion
to
close
up
the
attack
flow,
so
an
attacker
which
is
a
user
or
an
authorized
user
on
the
system
and
a
different
other
authorized
user
on
the
system
logs
into
the
system
and
provide
it
with
a
malicious
helm.
Chart
yaml
and
by
that
the
helm
chart
will
point
into
different
files.
B
And
again
it's
going
to
because
of
the
absolute
pattern
that
we
are
going
to
provide
it
with
it's
going
to
traverse
the
path
reversal,
traversal
and
but
reversal
algorithm,
and
by
that
is
going
to
to
actually
get
to
the
files.
Then
the
attacker
will
read
it
off
screen
or
under
the
api
because
it
will
be
present
on
on
their
new
application,
that
they
try
to
build
with
the
helm,
chart
and,
and
the
whole
circle
comes
in.
To
close,
the
extension
of
those
of
this
attack
is
maybe
two
extensions.
B
But
again,
this
is
a
much
more
extended,
I
would
say
a
bit
more
complicated,
but
but
a
very
valid
attack
path.
The
second
one
is
that
not
only
repositories
are
are
residing
on
the
ripple
server
and
one.
A
very
crucial
example
is
that
plugins
are
also
can
be
presented,
or
at
least
plug-in
files
can
be
presented
on
the
repo
server
itself.
B
Remediation.
So,
first
of
all,
as
as
I
said,
remediation
is
the
first
of
all.
You
have
to
have
a
multi-user
on
a
system.
You
need
to
see
that
you
don't
have
any
other
users
that
you
are
not
familiar
with
or
not
necessary
users
that
will
minimize
the
risk
and,
of
course,
if
planned,
for
an
upgrade
for
the
igo
city
system,
starting
from
2.2.24
and
above
you'll,
be
the
cve
is
not
relevant
to
those
in
general.
B
The
path
reversal,
traversal
ingestion
system
was
completely
replaced
on
as
an
overhaul
by
the
agua
city
folks,
and
by
that
it's
the
the
attack
is
not
relevant,
at
least
for
for
the
time
being,
and
this
kind
of
attacks
is
not
relevant
to
the
old
path,
traversal
issue
and
it's.
It
is
much
more
robust
right
now
and
much
a
bit
more
generic
in
the
way
it
was
written.
B
Long-Term
remediation
is
more
of
the
out
for
the
advocacy
and
the
community,
but,
of
course,
the
monolithic
and
flat
in
terms
of
permissions
file
system
for
the
repo
server.
It's
a
very
dangerous
culprit
for
for
future
attacks
as
well.
So
I
I
would
like
to
see
some
kind
of
architectural
change
and
we're
actually
discussing
some
of
that,
those
on
several
threads
and
and
lastly,
implement
the
file
level
permission
model
for
the.
B
As
a
summary
and
conclusion
for
that
helm,
chart
yaml
itself,
many
facts
manifests
can
contain
malicious
fields.
Those
malicious
fields
can
can
lead
to
secrets
revealing
on
systems
that
are
using
multi-user
approaches
and
since
sensitive
data
can
be
exposed
by
that
the
path
traversal
was
suspected
and
also,
of
course,
the
the
big
takeaway
here
is
is,
of
course,
you
need
those
kind
of
tests
by
the
community
and
if
I
can
contribute
something
to
the
community.
This
is
my
contribution
and
the
special
thanks
for
the
argo
cd
folks
that
were
more
than
amazing.