Security Advisory

CVE-2021-3557

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-02-16 16:37:57
Last updated 2024-08-03 17:01:07
Assigner redhat
State PUBLISHED

Description

A flaw was found in argocd. Any unprivileged user is able to deploy argocd in their namespace and, with the created ServiceAccount argocd-argocd-server, is able to read all resources of the cluster, including all secrets, which might enable privilege escalations. The highest threat from this vulnerability is to data confidentiality.
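One way to check a cluster for the exposure described above, as an added example that is not part of the advisory or of the argocd project: it lists every namespace whose argocd-argocd-server ServiceAccount can read secrets cluster-wide. It assumes the access arrives through a ClusterRoleBinding to a ClusterRole (the advisory does not state the mechanism), and all role, binding and namespace names in the sample are constructed.

```python
TARGET_SA = "argocd-argocd-server"  # ServiceAccount name given in the description
READ_VERBS = {"get", "list", "watch", "*"}

def _role(name, groups, resources, verbs):
    return {"kind": "ClusterRole", "metadata": {"name": name},
            "rules": [{"apiGroups": groups, "resources": resources, "verbs": verbs}]}

def _binding(name, role, sa, ns):
    return {"kind": "ClusterRoleBinding", "metadata": {"name": name},
            "roleRef": {"kind": "ClusterRole", "name": role},
            "subjects": [{"kind": "ServiceAccount", "name": sa, "namespace": ns}]}

# Constructed stand-in for the "items" list of
# `kubectl get clusterroles,clusterrolebindings -o json`.
SAMPLE = [
    _role("argocd-server-all", ["*"], ["*"], ["get", "list", "watch"]),
    _role("view-configmaps", [""], ["configmaps"], ["get"]),
    _binding("team-a-argocd", "argocd-server-all", TARGET_SA, "team-a"),
    _binding("team-b-argocd", "view-configmaps", TARGET_SA, "team-b"),
    _binding("team-c-other", "argocd-server-all", "default", "team-c"),
]

def reads_secrets(role):
    """True if the ClusterRole allows reading core-group secrets."""
    for rule in role.get("rules") or []:
        groups = rule.get("apiGroups") or []
        resources = rule.get("resources") or []
        verbs = set(rule.get("verbs") or [])
        if (("" in groups or "*" in groups)
                and ("secrets" in resources or "*" in resources)
                and verbs & READ_VERBS):
            return True
    return False

def find_cluster_wide_secret_readers(items, sa_name=TARGET_SA):
    """Return sorted (namespace, binding, role) for each risky binding of sa_name."""
    roles = {i["metadata"]["name"]: i for i in items if i["kind"] == "ClusterRole"}
    findings = []
    for b in (i for i in items if i["kind"] == "ClusterRoleBinding"):
        role = roles.get(b["roleRef"]["name"])
        if role is None or not reads_secrets(role):
            continue
        for s in b.get("subjects") or []:
            if s.get("kind") == "ServiceAccount" and s.get("name") == sa_name:
                findings.append((s.get("namespace"), b["metadata"]["name"], role["metadata"]["name"]))
    return sorted(findings)

if __name__ == "__main__":
    for ns, binding, role in find_cluster_wide_secret_readers(SAMPLE):
        print(f"{ns}/{TARGET_SA}: {binding} -> {role} allows cluster-wide secret reads")
```

On a live cluster, pass the `items` list from the parsed kubectl output instead of `SAMPLE`; any finding in a namespace owned by an unprivileged user warrants review of that binding.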