Lucene search
Veracode Vulnerability DatabaseVERACODE:36337HistoryJul 13, 2022 - 9:10 a.m.
Privilege Escalation
2022-07-1309:10:54
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
13
0.001 Low
EPSS
Percentile
33.2%
github.com/argoproj/argo-cd is vulnerable to privilege escalation. Lack of enforcement of access restriction by application resource API allows an attacker to escalate the privileges to admin-level.
References
access.redhat.com/errata/RHSA-2022:1039
access.redhat.com/errata/RHSA-2022:1040
access.redhat.com/errata/RHSA-2022:1041
access.redhat.com/errata/RHSA-2022:1042
access.redhat.com/security/cve/CVE-2022-1025
bugzilla.redhat.com/show_bug.cgi?id=2064682
github.com/argoproj/argo-cd/commit/21f208f17e620d9c13e0d6f74fa9df63e393573c
github.com/argoproj/argo-cd/security/advisories/GHSA-2f5v-8r3f-8pww
Related
redhatcve
redhatcve
CVE-2022-1025
2022-03-22 17:35:13
nvd
nvd
CVE-2022-1025
2022-07-12 21:15:09
gitlab
gitlab
Incorrect Authorization
2022-07-13 00:00:00
Incorrect Authorization
2022-07-13 00:00:00
cve
cve
CVE-2022-1025
2022-07-12 21:15:09
cvelist
cvelist
CVE-2022-1025
2022-07-12 20:39:54
github
github
prion
prion
Improper access control
2022-07-12 21:15:00
osv
osv
CVE-2022-1025
2022-07-12 21:15:09
Argo CD improper access control bug can allow malicious user to escalate privileges to admin level
2022-07-13 00:00:41
Improper access control allows admin privilege escalation in Argo CD
2022-03-24 00:18:54
redhat
redhat
(RHSA-2022:1040) Important: Red Hat OpenShift GitOps security update
2022-03-23 21:13:36
(RHSA-2022:1039) Important: Red Hat OpenShift GitOps security update
2022-03-23 21:13:24
(RHSA-2022:1041) Important: Red Hat OpenShift GitOps security update
2022-03-23 21:13:43