Argo Workflows has become the go-to workflow engine for orchestrating jobs on Kubernetes clusters. But in mid-2024, a severe vulnerability (CVE-2024-53862) was discovered that put the security of archived workflows at risk. Even fake tokens could give access to sensitive workflow data.

In this post, we’ll break down this vulnerability in simple terms, show code snippets for how it happened, and walk through how someone could exploit it. This post is written to help engineers, admins, and anyone running Argo Workflows understand and defend against this risk.

What is Argo Workflows and What Went Wrong?

Argo Workflows is an open-source workflow engine for Kubernetes. It lets you run complex jobs, track their progress, and store completed jobs as “Archived Workflows.” These archived workflows can include sensitive logs, input/output data, and information about how your infrastructure runs.

The Argo Workflows API supports several authentication modes; the one at the center of this issue is:

- --auth-mode=client: API tokens are passed in by clients, and the Argo server relies on the Kubernetes API server for authentication and authorization.

The Intended Security Logic

With --auth-mode=client, Argo should CHECK if the token from the client is *actually* authorized in the Kubernetes API server. For archived workflows (stored in Argo’s own archive DB, not K8s), Argo has to simulate a kubectl auth can-i check, looking up the RBAC on its own.

The Vulnerability

In versions 3.5.7 and 3.5.8, when you used the endpoint

GET /api/v1/workflows/{namespace}/{workflow-name}

and your request “fell back” to archived workflows (instead of an active one), Argo accidentally removed the code that checks your token’s permissions. This essentially let anyone with a token string resembling a Kubernetes ServiceAccount token—valid or completely fake—retrieve archived workflows.

In SSO mode, any valid token could retrieve *all* archived workflows for a namespace, *regardless* of whether the user really had permission.

Below is a simplified version of what was happening:

// Pseudo-code before the bug:
if isArchivedRequest(req) {
    if authz.CanI(reqUser, "get", workflow) {
        return archivedWorkflow
    } else {
        return 403
    }
}

// Pseudo-code in 3.5.7 / 3.5.8:
if isArchivedRequest(req) {
    // Auth check is MISSING!
    return archivedWorkflow
}

When the fallback code runs to fetch an archived workflow, the crucial authz check is gone—so *anyone* gets access.
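As an added example (not Argo's own code), here is a small runnable Go model of the two shapes the pseudo-code above describes, with a fake token driven through both. It assumes a table-driven stand-in for the "can-i" RBAC lookup, that every workflow in the sample state is already archived, and that any failure of the live lookup (including a rejected token) reaches the archive fallback, which is what lets a fake token get that far.

```go
package main

import "errors"

// Workflow is a minimal stand-in for an Argo workflow record.
type Workflow struct{ Namespace, Name, Spec string }

// rbacTable is a hypothetical "kubectl auth can-i" oracle (token -> "verb ns/name" -> allowed); a fake token has no entry, so it always yields false.
type rbacTable map[string]map[string]bool
func (r rbacTable) CanI(token, verb, ns, name string) bool { return r[token][verb+" "+ns+"/"+name] }
var errForbidden, errNotFound = errors.New("forbidden"), errors.New("not found")

// Constructed sample state: one archived workflow in Argo's own archive DB and one real token that RBAC allows to read it.
var archiveDB = map[string]Workflow{"default/job": {"default", "job", "sensitive spec"}}
var authz = rbacTable{"real-token": {"get default/job": true}}

// kubeGet models the live lookup through the Kubernetes API, which authorizes the token first;
// every workflow in this example is already archived, so an authorized caller gets "not found".
func kubeGet(token, ns, name string) (*Workflow, error) {
	if !authz.CanI(token, "get", ns, name) {
		return nil, errForbidden
	}
	return nil, errNotFound
}

// GetWorkflowVulnerable (3.5.7/3.5.8 shape): any live-lookup error, even a rejected token, falls through to an unchecked archive read.
func GetWorkflowVulnerable(token, ns, name string) (*Workflow, error) {
	if wf, err := kubeGet(token, ns, name); err == nil {
		return wf, nil
	}
	if wf, ok := archiveDB[ns+"/"+name]; ok {
		return &wf, nil // BUG: nothing checked the token on this path
	}
	return nil, errNotFound
}

// GetWorkflowFixed re-runs the RBAC check before the archive read, whatever the reason the live lookup failed.
func GetWorkflowFixed(token, ns, name string) (*Workflow, error) {
	if wf, err := kubeGet(token, ns, name); err == nil {
		return wf, nil
	}
	if !authz.CanI(token, "get", ns, name) {
		return nil, errForbidden
	}
	if wf, ok := archiveDB[ns+"/"+name]; ok {
		return &wf, nil
	}
	return nil, errNotFound
}
```

With this model, `GetWorkflowVulnerable("totallyFakeToken", "default", "job")` returns the archived record, while `GetWorkflowFixed` with the same token returns `forbidden` and only `real-token` gets the record.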

Real-World Exploit—How Easy Was It?

If your Argo Workflows server is exposed (even behind some authentication) in these versions, a simple HTTP request, with *any* token in the header, will cough up archived workflow data.

Try it out (for education, on your own isolated instance):

curl -H "Authorization: Bearer totallyFakeToken" \
     https://your-argo-server/api/v1/workflows/default/my-archived-workflow

You’ll get the archived workflow YAML/JSON—even though your token is complete garbage!

If you use SSO mode (--auth-mode=sso), then *any user* with SSO access (even with no Argo RBAC) can list ALL archived workflows, simply by hitting the endpoint.

curl -H "Authorization: Bearer foo" \
     https://argo.example.com/api/v1/workflows/production/top-secret-job

The server serves up the archived workflow, including sensitive workflow specs, parameters, logs, etc.

This issue is tracked in the GitHub advisory GHSA-6rr2-g392-qpj3 (https://github.com/argoproj/argo-workflows/security/advisories/GHSA-6rr2-g392-qpj3) and in the CVE entry CVE-2024-53862 (https://nvd.nist.gov/vuln/detail/CVE-2024-53862).

Fixed in: 3.6.2 (for the 3.6.x line)

The patch re-introduces the authorization check in the code path that fetches archived workflows, so now it properly checks your token’s Kubernetes RBAC for the requested resource.

Conclusion

CVE-2024-53862 is a serious reminder: always validate authentication and authorization—*even on internal endpoints and fallback code paths*. In busy projects like Argo Workflows, a missing check in just a couple lines can turn into a major security liability.

References

- Official Advisory: GHSA-6rr2-g392-qpj3
- NVD CVE Entry: CVE-2024-53862
- Argo Workflows Documentation

If you run Argo Workflows, go patch now. Secure your pipelines before someone else reads your secrets!

Timeline

Published on: 12/02/2024 16:15:14 UTC