Argo Workflows Template Referencing Bypass Vulnerability Allowing Host Network Access and Pod Security Overrides

Vulnerability

Argo Workflows versions prior to 3.7.14 and 4.0.5 contain a vulnerability that allows users with permission to create Workflows to bypass the Strict template referencing mode. With this bypass, a submitted Workflow can access the host network, switch service accounts, override pod security contexts, add tolerations for scheduling on control-plane nodes, or enable service account token mounting. The issue arises because Strict mode only checks for the presence of a workflow template reference and does not inspect other fields that could override security settings. While some impacts may be mitigated by Kubernetes-level controls, clusters relying on Argo's Strict mode are fully exposed.

Impact

Exploitation of this vulnerability allows for unauthorized access to the host network, modification of pod security settings, and manipulation of service account assignments, potentially leading to elevated privileges or unauthorized actions within the Kubernetes cluster.

Reproduction

To reproduce this vulnerability, first enable Strict mode in the Argo Workflows controller. Then, submit a workflow that references a template while including overrides for fields such as hostNetwork or serviceAccountName. The workflow will be executed with the specified overrides, bypassing the security restrictions of the referenced template.
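
A manifest audit for the pattern described above, added here as an example (not code from the Argo project or this advisory). It assumes Workflows exported as JSON, for instance with `kubectl get workflows -A -o json`; the function names and sample manifests are constructed, and the field list covers only the overrides this advisory names.

```python
import json

# Workflow spec fields the advisory lists as overridable next to a template reference.
SENSITIVE_FIELDS = {
    "hostNetwork": "host network access",
    "serviceAccountName": "service account switch",
    "securityContext": "pod security context override",
    "tolerations": "added tolerations (control-plane scheduling)",
    "automountServiceAccountToken": "service account token mounting",
}

def audit_workflow(manifest: dict) -> list[str]:
    """Findings for one Workflow that pairs workflowTemplateRef with overrides."""
    if manifest.get("kind") != "Workflow":
        return []
    spec = manifest.get("spec") or {}
    if "workflowTemplateRef" not in spec:
        return []  # not the pattern described in the advisory
    # Only truthy values change behaviour; false, "", [] and {} are benign.
    return [f"spec.{field}: {meaning}"
            for field, meaning in SENSITIVE_FIELDS.items() if spec.get(field)]

def audit_list(doc: dict) -> dict[str, list[str]]:
    """Audit a single Workflow or a kubectl-style List; keep only flagged items."""
    items = doc.get("items") if "items" in doc else [doc]
    report = {}
    for item in items or []:
        meta = item.get("metadata") or {}
        name = meta.get("name") or meta.get("generateName") or "<unnamed>"
        findings = audit_workflow(item)
        if findings:
            report[name] = findings
    return report

# Constructed sample input: one clean reference, one reference with overrides.
SAMPLE = json.loads("""
{"kind": "List", "items": [
  {"kind": "Workflow", "metadata": {"name": "ok-run"},
   "spec": {"workflowTemplateRef": {"name": "approved"}}},
  {"kind": "Workflow", "metadata": {"name": "override-run"},
   "spec": {"workflowTemplateRef": {"name": "approved"},
            "hostNetwork": true, "serviceAccountName": "other-sa",
            "automountServiceAccountToken": false}}
]}
""")

if __name__ == "__main__":
    for name, findings in audit_list(SAMPLE).items():
        print(name, findings)
```
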

Remediation

Users can update to Argo Workflows versions 3.7.14 or 4.0.5, where this vulnerability has been patched.

Added: May 9, 2026, 4:20 AM
Updated: May 9, 2026, 4:20 AM

Vulnerability Rating

Custom Algorithm
spread: 4.5
impact: 1.7
exploitability: 6.2
remediation: 7.7
relevance: 7.7
threat: 6.4
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.