Lucene search
+L

4 matches found

NVD
NVD
added 2020/04/08 8:15 p.m.23 views

CVE-2020-8828

As of v1.5.0, the default admin password is set to the argocd-server pod name. For insiders with access to the cluster or logs, this issue could be abused for privilege escalation, as Argo has privileged roles. A malicious insider is the most realistic threat, but pod names are not meant to be ke...

8.8CVSS8.7AI score0.018EPSS
Exploits1References3
OSV
OSV
added 2020/04/08 8:15 p.m.13 views

CVE-2020-8828

As of v1.5.0, the default admin password is set to the argocd-server pod name. For insiders with access to the cluster or logs, this issue could be abused for privilege escalation, as Argo has privileged roles. A malicious insider is the most realistic threat, but pod names are not meant to be ke...

8.8CVSS6.8AI score
Exploits0References3
Cvelist
Cvelist
added 2020/04/08 7:49 p.m.26 views

CVE-2020-8828

As of v1.5.0, the default admin password is set to the argocd-server pod name. For insiders with access to the cluster or logs, this issue could be abused for privilege escalation, as Argo has privileged roles. A malicious insider is the most realistic threat, but pod names are not meant to be ke...

8.8AI score0.018EPSS
Exploits1References3
CVE
CVE
added 2020/04/08 7:49 p.m.79 views

CVE-2020-8828

CVE-2020-8828 affects Argo CD (v1.5.0 and earlier) where the default admin password is set to the argocd-server pod name. This creates privilege-escalation risk for insiders with cluster or log access due to Argo’s privileged roles. The impact is described as a privileged-escape scenario for atta...

8.8CVSS8.6AI score0.018EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder