CVE-2026-42297: Argo Workflows Auth Bypass Vulnerability

CVE-2026-42297 Overview

CVE-2026-42297 is a missing authorization vulnerability [CWE-862] in Argo Workflows, an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. The flaw affects the Sync Service's ConfigMap-backed provider implemented in server/sync/sync_cm.go. The provider performs zero authorization checks on create, read, update, and delete operations. Any authenticated user, including those presenting forged Bearer tokens, can manipulate Kubernetes ConfigMaps that store synchronization limits. The issue affects versions from 4.0.0 up to but not including 4.0.5, and is patched in version 4.0.5.

Critical Impact

Authenticated attackers can create, read, update, and delete Kubernetes ConfigMaps holding workflow synchronization limits, enabling tampering with workflow concurrency controls across the cluster.

Affected Products

• Argoproj Argo Workflows versions 4.0.0 through 4.0.4
• Deployments using the Sync Service ConfigMap-backed provider (server/sync/sync_cm.go)
• Kubernetes clusters exposing the Argo Workflows API server to authenticated users

Discovery Timeline

• 2026-05-09 - CVE-2026-42297 published to NVD
• 2026-05-15 - Last updated in NVD database

Technical Details for CVE-2026-42297

Vulnerability Analysis

The vulnerability resides in the Sync Service component of Argo Workflows, which coordinates concurrent workflow execution through synchronization primitives stored in Kubernetes ConfigMaps. The ConfigMap-backed provider in server/sync/sync_cm.go exposes CRUD endpoints that mediate access to these synchronization limit objects.

The provider omits authorization enforcement entirely. Any caller that completes authentication, even with a fabricated Bearer token accepted by the API server, can invoke the full set of CRUD operations. The result is broken access control across a security-sensitive subset of the cluster state.

An attacker leveraging this flaw can manipulate workflow concurrency. Deleting or modifying ConfigMaps that hold synchronization limits disrupts orchestration logic. Creating malicious ConfigMaps allows the attacker to inject crafted limit data that downstream workflow logic will trust. The integrity and availability of orchestrated jobs are directly affected.

Root Cause

The root cause is missing authorization in the provider layer. The function set responsible for handling ConfigMap CRUD calls accepts any authenticated principal without consulting role-based access control (RBAC) or any equivalent policy check. Authentication is conflated with authorization.

Attack Vector

The attack vector is network-based and requires low privileges. An authenticated user with API access to the Argo Workflows Sync Service can issue CRUD requests against the ConfigMap-backed provider. Because the provider does not validate the requester's permissions on the underlying Kubernetes resources, the request succeeds regardless of the user's intended scope. Exploitation does not require user interaction.

No public proof-of-concept exploit is available for CVE-2026-42297, and the vulnerability is not listed in the CISA Known Exploited Vulnerabilities catalog. The current EPSS probability is 0.041%.

Detection Methods for CVE-2026-42297

Indicators of Compromise

• Unexpected creation, modification, or deletion of ConfigMaps used by the Argo Workflows Sync Service in the argo namespace or wherever workflow synchronization state is stored.
• Kubernetes API audit log entries showing ConfigMap CRUD operations originating from low-privilege service accounts or unknown Bearer token subjects.
• Workflow execution anomalies such as broken concurrency limits, stalled workflows, or sudden bursts of parallel pods that exceed prior synchronization caps.

Detection Strategies

• Enable Kubernetes audit logging for all ConfigMap verbs (create, get, update, patch, delete) in namespaces hosting Argo Workflows.
• Correlate authentication events with Sync Service activity to identify requests using Bearer tokens that do not map to provisioned RBAC subjects.
• Inventory installed Argo Workflows versions across clusters and flag any instance running 4.0.0 through 4.0.4.

Monitoring Recommendations

• Alert on ConfigMap mutations performed by identities that have not historically interacted with Argo Workflows resources.
• Track workflow concurrency metrics and trigger alerts when synchronization limit changes precede unexpected scheduling behavior.
• Forward Kubernetes audit logs and Argo Workflows server logs to a centralized analytics platform for retention and correlation.

How to Mitigate CVE-2026-42297

Immediate Actions Required

• Upgrade Argo Workflows to version 4.0.5 or later on every affected cluster. This is the only complete fix.
• Audit existing ConfigMaps in namespaces used by Argo Workflows for unauthorized changes since the deployment of any 4.0.x release prior to 4.0.5.
• Restrict network access to the Argo Workflows API server so that only trusted identities can authenticate.

Patch Information

The fix is delivered in Argo Workflows v4.0.5. Review the GitHub Security Advisory GHSA-xchc-cqwg-g76q for the disclosure details and the upstream commit 09fff05e for the code change. Release artifacts are available on the GitHub Release v4.0.5 page.

Workarounds

• Apply Kubernetes RBAC policies that deny ConfigMap CRUD verbs on synchronization objects to all non-administrative subjects until the upgrade is complete.
• Use a Kubernetes admission controller, such as OPA Gatekeeper or Kyverno, to block unauthorized ConfigMap mutations in Argo Workflows namespaces.
• Rotate any Bearer tokens or service account credentials that may have been exposed to clients during the affected version window.

# Verify the running Argo Workflows version and upgrade to 4.0.5
kubectl -n argo get deploy argo-server -o jsonpath='{.spec.template.spec.containers[0].image}'
kubectl -n argo set image deploy/argo-server argo-server=quay.io/argoproj/argocli:v4.0.5
kubectl -n argo rollout status deploy/argo-server