Lucene search
Redhat.comRH:CVE-2024-37152HistoryJun 14, 2024 - 3:12 a.m.
CVE-2024-37152
2024-06-1403:12:25
redhat.com
access.redhat.com
1
argo cd gitops kubernetes
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
5.1 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.1%
A flaw was found in Argo-CD. There is an issue with unauthenticated information disclosure of settings data through an exposed API endpoint at /api/v1/settings.
Related
veracode
veracode
Improper Authorization
2024-06-10 06:09:18
vulnrichment
vulnrichment
CVE-2024-37152 Unauthenticated Access to sensitive settings in Argo CD
2024-06-06 15:33:29
cvelist
cvelist
CVE-2024-37152 Unauthenticated Access to sensitive settings in Argo CD
2024-06-06 15:33:29
nvd
nvd
CVE-2024-37152
2024-06-06 16:15:13
osv
osv
Unauthenticated Access to sensitive settings in Argo CD in github.com/argoproj/argo-cd/v2
2024-06-14 13:41:08
CVE-2024-37152
2024-06-06 16:15:13
Unauthenticated Access to sensitive settings in Argo CD
2024-06-06 21:27:43
github
github
Unauthenticated Access to sensitive settings in Argo CD
2024-06-06 21:27:43
cve
cve
CVE-2024-37152
2024-06-06 16:15:13
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
5.1 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.1%
Related for RH:CVE-2024-37152