Skip to main content

Argo CD CVE-2026-62185

HIGH
Initialization of a Resource with an Insecure Default (CWE-1188)
2026-07-13 VulnCheck
8.6
CVSS 4.0 · Vendor: VulnCheck
Share

Severity by source

Vendor (VulnCheck) PRIMARY
8.6 HIGH
CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vuln.today AI
7.6 HIGH

Attacker needs an in-cluster pod foothold (AV:A, PR:L) but no user interaction; exposed repo-server yields high confidentiality/integrity and limited availability impact, scope unchanged.

3.1 AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
4.0 AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N

Primary rating from Vendor (VulnCheck).

CVSS VectorVendor: VulnCheck

CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Adjacent
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

2
Analysis Generated
Jul 13, 2026 - 22:09 vuln.today
CVE Published
Jul 13, 2026 - 21:31 cve.org
HIGH 8.6

DescriptionCVE.org

Argo CD Helm Chart before 10.0.0 fails to install network policies by default, allowing any pod on a cluster to access repo-server and other Argo APIs. Attackers can exploit this unrestricted network access through combined attacks to achieve cluster compromise and remote code execution.

AnalysisAI

Insecure-default configuration in the Argo CD (argoproj/argo-helm) Helm chart before 10.0.0 ships without any Kubernetes NetworkPolicy, so every pod sharing the cluster can reach the repo-server and other internal Argo CD APIs that are normally meant to be isolated. A low-privileged workload that an attacker already controls can chain this unrestricted intra-cluster access into full cluster compromise and remote code execution. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Gain foothold as pod on cluster
Delivery
Reach unprotected repo-server and Argo APIs
Exploit
Abuse exposed internal endpoints
Execution
Extract repo credentials / alter manifests
Persist
Pivot to remote code execution
Impact
Achieve cluster compromise

Vulnerability AssessmentAI

Exploitation Exploitation requires that Argo CD was deployed with the argo-helm chart before version 10.0.0 AND that the cluster has no independent network segmentation (a CNI-enforced NetworkPolicy or service mesh) compensating for the chart's missing default policy. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The supplied CVSS 4.0 vector (AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:L, base 8.6) frames this as an adjacent-network, low-complexity, low-privilege issue with high confidentiality and integrity impact - consistent with an attacker who already has a foothold as some pod on the cluster (PR:L) rather than a fully unauthenticated internet-facing flaw. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker who has compromised or deployed any low-privileged pod on a shared Kubernetes cluster (for example via a vulnerable application workload) discovers that Argo CD's repo-server and internal APIs are reachable because no NetworkPolicy blocks pod-to-pod traffic. From that pod they connect directly to repo-server and the Argo APIs, abuse the exposed functionality to extract repository credentials or manipulate application manifests, and pivot toward broader cluster compromise and remote code execution. …
Remediation Vendor-released patch: upgrade the argo-helm Argo CD chart to version 10.0.0 or later, which installs the network policies by default, and confirm the NetworkPolicy resources are actually created in the Argo CD namespace after deployment. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: Audit all Argo CD deployments to identify instances running versions before 10.0.0 and assess co-location with third-party or untrusted workloads. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-62185 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy