
CVE-2025-32445

CVSSv4: NA | CVSSv3: 9.9 | CVSSv2: NA | VMScore: 1000 | EPSS: 0.00047 | KEV: Not Included
Published: 15/04/2025 Updated: 16/04/2025

Vulnerability Summary

Privilege Escalation in Argo Events via EventSource and Sensor Custom Resources

A vulnerability exists in Argo Events, a Kubernetes workflow automation framework. Users with permission to create or modify EventSource and Sensor custom resources can potentially gain privileged access to the host system and the cluster, even without direct administrative rights. The vulnerability stems from the ability to customize the EventSource and Sensor pods through the spec.template and spec.template.container fields. By setting particular properties under the template, a user can control container settings such as command, args, securityContext, and volumeMount, ultimately obtaining privileged access to the cluster host. The issue is fixed in version 1.9.6, which closes this unauthorized access path.
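The following audit helper is an added example, not code from Argo Events or from the advisory: it inspects the spec.template of an EventSource or Sensor manifest (loaded into a dict with json.load or yaml.safe_load) and flags the settings named above, which is useful for inventorying existing resources before upgrading to 1.9.6 or as the basis of an admission check. The manifest names and hostPath path are constructed placeholders.

```python
# Added audit helper (not Argo Events or advisory code): inspect the
# spec.template of an EventSource/Sensor manifest, loaded into a dict via
# json.load/yaml.safe_load, for the settings the advisory names as the
# escalation path.

def audit_template(manifest):
    """Return findings for one manifest; an empty list means nothing flagged."""
    kind = manifest.get("kind", "?")
    name = manifest.get("metadata", {}).get("name", "?")
    template = manifest.get("spec", {}).get("template") or {}
    if not template:
        return []  # no pod customisation; controller defaults apply
    container = template.get("container") or {}
    where = f"{kind}/{name} spec.template.container"
    findings = []
    # Overriding the entrypoint runs something other than the stock binary.
    for key in ("command", "args"):
        if container.get(key):
            findings.append(f"{where}.{key} overridden")
    # Container securityContext fields that grant elevated privilege.
    sc = container.get("securityContext") or {}
    if sc.get("privileged"):
        findings.append(f"{where}.securityContext.privileged=true")
    if sc.get("runAsUser") == 0:
        findings.append(f"{where}.securityContext.runAsUser=0")
    added = (sc.get("capabilities") or {}).get("add") or []
    if added:
        findings.append(f"{where}.securityContext.capabilities.add={added}")
    # volumeMounts backed by hostPath volumes expose the node filesystem.
    host_vols = {v.get("name") for v in template.get("volumes") or [] if "hostPath" in v}
    for mount in container.get("volumeMounts") or []:
        if mount.get("name") in host_vols:
            findings.append(f"{where}.volumeMounts[{mount['name']}] -> hostPath")
    return findings

# Constructed sample manifests with placeholder names and paths.
RISKY = {
    "apiVersion": "argoproj.io/v1alpha1", "kind": "EventSource",
    "metadata": {"name": "es-placeholder"},
    "spec": {"template": {
        "volumes": [{"name": "host", "hostPath": {"path": "/placeholder-dir"}}],
        "container": {"securityContext": {"privileged": True},
                      "volumeMounts": [{"name": "host", "mountPath": "/mnt/host"}]},
    }},
}
BENIGN = {
    "apiVersion": "argoproj.io/v1alpha1", "kind": "Sensor",
    "metadata": {"name": "sensor-placeholder"},
    "spec": {"template": {"container": {"resources": {"limits": {"cpu": "100m"}}}}},
}
```

Run `audit_template` over every EventSource and Sensor exported from the cluster (for example the `items` of a `kubectl get eventsources,sensors -A -o json` dump) and review any resource that produces findings.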