Lucene search

CVE-2024-41666

🗓️ 24 Jul 2024 18:05:15Reported by [email protected]Type

Argo CD 2.6.0 allows users to perform operations in the container even after revoking permissions under certain condition

Reporter	Title	Published	Views	Family All 16
OSV	CGA-Q7QX-GJWV-53J3	8 Aug 202411:04	–	osv
OSV	CGA-R7M6-PWWC-53M7	8 Aug 202410:04	–	osv
OSV	CGA-WM8R-CC3X-2PQV	8 Aug 202411:04	–	osv
OSV	BIT-ARGO-CD-2024-41666	26 Jul 202407:16	–	osv
OSV	GO-2024-3006 The Argo CD web terminal session does not handle the revocation of user permissions properly in github.com/argoproj/argo-cd	6 Aug 202422:03	–	osv
OSV	CGA-4G44-RWJM-FQ5W	8 Aug 202409:04	–	osv
OSV	CGA-CW3F-X6HC-94P7	8 Aug 202411:04	–	osv
OSV	CVE-2024-41666	24 Jul 202418:15	–	osv
OSV	GHSA-V8WX-V5JQ-QHHW The Argo CD web terminal session does not handle the revocation of user permissions properly	24 Jul 202420:54	–	osv
Vulnrichment	CVE-2024-41666 The Argo CD web terminal session does not handle the revocation of user permissions properly.	24 Jul 202417:16	–	vulnrichment

Nvd

Node

argoproj argo_cdRange2.6.0–2.9.21

argoproj argo_cdRange2.10.0–2.10.16

argoproj argo_cdRange2.11.0–2.11.7

Source	Link
github	www.github.com/argoproj/argo-cd/commit/ef535230d8bd8ad7b18aab1ea1063e9751d348c4
github	www.github.com/argoproj/argo-cd/commit/05edb2a9ca48f0f10608c1b49fbb0cf7164f6476
drive	www.drive.google.com/file/d/1Fynj5Sho8Lf8CETqsNXZyPKlTDdmgJuN/view
github	www.github.com/argoproj/argo-cd/commit/e96f32d233504101ddac028a5bf8117433d333d6
github	www.github.com/argoproj/argo-cd/security/advisories/GHSA-v8wx-v5jq-qhhw

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

24 Jul 2024 18:15Current

CVSS36.5

EPSS0.00074

CWE-269

argo cd kubernetes permissions vulnerability web-based terminal patch