Exposure of System Data to an Unauthorized Control Sphere vulnerability in web UI of Argo CD allows attacker to cause leaked secret data into web UI error messages and logs. This issue affects Argo CD 1.8 versions prior to 1.8.7; 1.7 versions prior to 1.7.14.
History

Wed, 07 Aug 2024 16:00:00 +0000

Type Values Removed Values Added
First Time appeared Argoproj
Argoproj argo Cd
CPEs cpe:2.3:a:linuxfoundation:argo_continuous_delivery:*:*:*:*:*:kubernetes:*:* cpe:2.3:a:argoproj:argo_cd:*:*:*:*:*:*:*:*
Vendors & Products Linuxfoundation
Linuxfoundation argo Continuous Delivery
Argoproj
Argoproj argo Cd

cve-icon MITRE

Status: PUBLISHED

Assigner: palo_alto

Published: 2021-05-12T22:45:13.917033Z

Updated: 2024-09-16T19:04:08.194Z

Reserved: 2021-01-06T00:00:00

Link: CVE-2021-23135

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2021-05-12T23:15:07.757

Modified: 2024-11-21T05:51:16.410

Link: CVE-2021-23135

cve-icon Redhat

No data.