CVE-2022-41354

Description

An access control issue in Argo CD v2.4.12 and below allows unauthenticated attackers to enumerate existing applications.

Related CPE's

a linuxfoundation argo-cd ********

a linuxfoundation argo-cd ********

a linuxfoundation argo-cd ********

References

http://argo.com

Product

https://github.com/chunklhit/cve/blob/master/argo/argo-cd/application_enumeration.md

Broken Link

https://github.com/argoproj/argo-cd/security/advisories/GHSA-2q5c-qw9c-fmvq

Vendor Advisory

CvssV3 impact

Could not find any metrics

CvssV2 impact

Could not find any metrics

Created by Yello

About Severity.io