CVE-2025-55190 Scanner

This scanner tests for vulnerabilities in ArgoCD, a popular open-source tool for deploying and managing applications on Kubernetes. ArgoCD is widely used by operations teams and developers to enable continuous delivery and GitOps workflows in cloud and on-premises environments. It provides secure and automated deployment management, making it essential for managing application lifecycles. With its role in streamlining operations, ensuring the security of ArgoCD is crucial to avoid potential disruptions in application delivery pipelines. ArgoCD is integrated with various platforms, making its security vital for maintaining the integrity of widely used applications. Identifying vulnerabilities in ArgoCD helps safeguard its role in efficient and reliable software delivery.

The vulnerability detected by this scanner is an Information Disclosure issue in ArgoCD. It allows API tokens with project-level permissions to access sensitive credentials through the project details API. This happens even if the user does not have explicit permissions to access this data, posing a serious security risk. The vulnerability affects several versions, including all with v2.2.0-rc1 and later. It enables unauthorized users to obtain sensitive repository credentials. Identifying this vulnerability is crucial to prevent unauthorized access and potential data breaches.

Technically, this vulnerability is located in the ArgoCD API endpoints. The vulnerable endpoint is '/api/v1/projects/default/detailed', which can be accessed with the 'GET' method. When a legitimate user logs in using their credentials, the API token obtained can be exploited to make unauthorized requests. The vulnerable parameter involves using the extracted token in requests, allowing access to sensitive data. This scanner checks for the presence of repositories and associated credentials in the response. If the condition is met, it confirms the presence of an Information Disclosure vulnerability.

Exploitation of this vulnerability can lead to severe consequences, such as unauthorized access to sensitive information stored in repositories, including usernames and passwords. Malicious actors can leverage these credentials to perform unauthorized actions on the system. It can potentially lead to further exploits in connected systems, data breaches, and compromise of application integrity. It also poses reputational and legal risks for organizations, necessitating immediate attention and mitigation.

REFERENCES

• https://github.com/argoproj/argo-cd/security/advisories/GHSA-786q-9hcg-v9ff
• https://nvd.nist.gov/vuln/detail/CVE-2025-55190
• https://github.com/argoproj/argo-cd/commit/e8f86101f5378662ae6151ce5c3a76e9141900e8