Security Advisory

CVE-2024-37152

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-06-06 15:33:29

Last updated 2024-08-02 03:50:55

Assigner GitHub_M

State PUBLISHED

Description

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. The vulnerability allows unauthorized access to the sensitive settings exposed by /api/v1/settings endpoint without authentication. All sensitive settings are hidden except passwordPattern. This vulnerability is fixed in 2.11.3, 2.10.12, and 2.9.17.

← Browse all CVEs View on cve.org ↗