Lucene search

Authentication Bypass by Spoofing

🗓️ 24 May 2022 00:00:00Reported by https://gitlab.com/gitlab-org/security-products/gemnasium-dbType

Critical Argo CD JWT Impersonation Vulnerabilit

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 16
Cvelist	CVE-2022-29165 Argo CD will blindly trust JWT claims if anonymous access is enabled	20 May 202214:15	–	cvelist
RedhatCVE	CVE-2022-29165	18 May 202222:29	–	redhatcve
GitLab Advisory Database	Authentication Bypass by Spoofing	24 May 202200:00	–	gitlab
Github Security Blog	Argo CD will blindly trust JWT claims if anonymous access is enabled	24 May 202220:47	–	github
OSV	Argo CD will blindly trust JWT claims if anonymous access is enabled	24 May 202220:47	–	osv
OSV	CVE-2022-29165	20 May 202215:15	–	osv
OSV	GO-2022-0455 Argo CD will blindly trust JWT claims if anonymous access is enabled in github.com/argoproj/argo-cd	21 Aug 202415:11	–	osv
Prion	Cross site request forgery (csrf)	20 May 202215:15	–	prion
CVE	CVE-2022-29165	20 May 202215:15	–	cve
Veracode	User Impersonation Via Anonymous Access	23 May 202204:21	–	veracode

Source	Link
github	www.github.com/argoproj/argo-cd/security/advisories/GHSA-r642-gv9p-2wjj
nvd	www.nvd.nist.gov/vuln/detail/CVE-2022-29165
github	www.github.com/argoproj/argo-cd/releases/tag/v2.1.15
github	www.github.com/argoproj/argo-cd/releases/tag/v2.2.9
github	www.github.com/argoproj/argo-cd/releases/tag/v2.3.4
github	www.github.com/advisories/GHSA-r642-gv9p-2wjj

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

24 May 2022 00:00Current

2.5Low risk

Vulners AI Score2.5

EPSS0.00212