Description

Argo CD has an information disclosure vulnerability that allows an unauthenticated attacker to access to sensitive settings.

Remediation

Update to the latest version of Argo CD.

References

GitHub Security Advisory

Related Vulnerabilities

OpenSSL Improper Authentication Vulnerability (CVE-2023-2975)

Python Integer Overflow or Wraparound Vulnerability (CVE-2008-1679)

MySQL CVE-2022-21632 Vulnerability (CVE-2022-21632)

MyBB Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-19202)

Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-0795)

Severity

Medium

Classification

CVE-2024-37152 CWE-287 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Tags

Information Disclosure Known Vulnerabilities