Exposure of System Data to an Unauthorized Control Sphere vulnerability in web UI of Argo CD allows attacker to cause leaked secret data into web UI error messages and logs. This issue affects Argo CD 1.8 versions prior to 1.8.7; 1.7 versions prior to 1.7.14.
Metrics
Affected Vendors & Products
References
History
Wed, 07 Aug 2024 16:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Argoproj
Argoproj argo Cd |
|
CPEs | cpe:2.3:a:argoproj:argo_cd:*:*:*:*:*:*:*:* | |
Vendors & Products |
Linuxfoundation
Linuxfoundation argo Continuous Delivery |
Argoproj
Argoproj argo Cd |
MITRE
Status: PUBLISHED
Assigner: palo_alto
Published: 2021-05-12T22:45:13.917033Z
Updated: 2024-09-16T19:04:08.194Z
Reserved: 2021-01-06T00:00:00
Link: CVE-2021-23135
Vulnrichment
No data.
NVD
Status : Modified
Published: 2021-05-12T23:15:07.757
Modified: 2024-11-21T05:51:16.410
Link: CVE-2021-23135
Redhat
No data.