Lucene search
Redhat.comRH:CVE-2024-31989HistoryMay 21, 2024 - 8:56 p.m.
CVE-2024-31989
2024-05-2120:56:28
redhat.com
access.redhat.com
4
argocd
redis
server
flaw
attacker
access
read/write
data
modify
deployment
privileges
cluster
A flaw was found in the ArgoCD Redis database server. This flaw allows an attacker with access to the Redis server to gain read/write access to the data in Redis. The attacker can also modify the “mfst” (manifest) key to cause ArgoCD to execute any deployment, potentially leveraging ArgoCD’s high privileges to take over the cluster.
Related
cvelist
cvelist
osv
osv
BIT-argo-cd-2024-31989
2024-05-29 07:16:41
ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache
2024-05-21 18:07:09
CVE-2024-31989
2024-05-21 19:15:09
veracode
veracode
Missing Default Authentication
2024-05-24 06:38:22
cve
cve
CVE-2024-31989
2024-05-21 19:15:09
wolfi
wolfi
CVE-2024-31989 vulnerabilities
2024-06-03 15:16:04
github
github
redhat
redhat