CVSS: 5.9EPSS: 0%CPEs: 2EXPL: 0CVE-2021-23135 – Argo CD leaked secret data into error messages and logs on invalid edits via UI
https://notcve.org/view.php?id=CVE-2021-23135
Exposure of System Data to an Unauthorized Control Sphere vulnerability in web UI of Argo CD allows attacker to cause leaked secret data into web UI error messages and logs. This issue affects Argo CD 1.8 versions prior to 1.8.7; 1.7 versions prior to 1.7.14. Una exposición de los Datos del Sistema en una vulnerabilidad de Esfera de Control No Autorizada en la Interfaz de Usuario web de Argo CD permite a un atacante causar una filtración de datos secretos en unos registros y mensajes de error de la Interfaz de Usuario web. Este problema afecta a Argo CD versiones 1.8 anteriores a 1.8.7; versiones 1.7 anteriores a 1.7.14 • https://github.com/argoproj/argo-cd/security/advisories/GHSA-fp89-h8pj-8894 • CWE-209: Generation of Error Message Containing Sensitive Information CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere •
CVSS: 4.8EPSS: 0%CPEs: 2EXPL: 0CVE-2021-23347 – Cross-site Scripting (XSS)
https://notcve.org/view.php?id=CVE-2021-23347
The package github.com/argoproj/argo-cd/cmd before 1.7.13, from 1.8.0 and before 1.8.6 are vulnerable to Cross-site Scripting (XSS) the SSO provider connected to Argo CD would have to send back a malicious error message containing JavaScript to the user. El paquete github.com/argoproj/argo-cd/cmd versiones anteriores a 1.7.13, versiones desde 1.8.0 y anteriores a 1.8.6, son vulnerables a un ataque de tipo Cross-site Scripting (XSS), el proveedor de SSO conectado a Argo CD tendría que devolver un mensaje de error malicioso que contiene JavaScript para el usuario • https://github.com/argoproj/argo-cd/pull/5563 https://snyk.io/vuln/SNYK-GOLANG-GITHUBCOMARGOPROJARGOCDCMD-1078291 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2021-26921
https://notcve.org/view.php?id=CVE-2021-26921
In util/session/sessionmanager.go in Argo CD before 1.8.4, tokens continue to work even when the user account is disabled. En el archivo util/session/sessionmanager.go en Argo CD versiones anteriores a 1.8.4, los tokens continúan funcionando inclusive cuando la cuenta de usuario está deshabilitada • https://github.com/argoproj/argo-cd/commit/f5b0db240b4e3abf18e97f6fd99096b4f9e94dc5 https://github.com/argoproj/argo-cd/compare/v1.8.3...v1.8.4 https://github.com/argoproj/argo-cd/security/advisories/GHSA-9h6w-j7w4-jr52 • CWE-613: Insufficient Session Expiration •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 2CVE-2018-21034
https://notcve.org/view.php?id=CVE-2018-21034
In Argo versions prior to v1.5.0-rc1, it was possible for authenticated Argo users to submit API calls to retrieve secrets and other manifests which were stored within git. En Argo versiones anteriores a v1.5.0-rc1, era posible que los usuarios de Argo autenticados enviaran llamadas a la API para recuperar secretos y otros manifiestos que eran almacenados dentro de git. • https://github.com/argoproj/argo-cd/blob/a1afe44066fcd0a0ab90a02a23177164bbad42cf/util/diff/diff.go#L399 https://github.com/argoproj/argo-cd/issues/470 https://github.com/argoproj/argo-cd/pull/3088 https://www.soluble.ai/blog/argo-cves-2020 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2020-8828
https://notcve.org/view.php?id=CVE-2020-8828
As of v1.5.0, the default admin password is set to the argocd-server pod name. For insiders with access to the cluster or logs, this issue could be abused for privilege escalation, as Argo has privileged roles. A malicious insider is the most realistic threat, but pod names are not meant to be kept secret and could wind up just about anywhere. A partir de la versión v1.5.0, la contraseña de administrador predeterminada es establecida en el nombre del pod argocd-server. Para los iniciados con acceso al clúster o los registros, este problema podría ser abusado para una escalada de privilegios, ya que Argo posee roles privilegiados. • https://argoproj.github.io/argo-cd/security_considerations https://github.com/argoproj/argo/releases https://www.soluble.ai/blog/argo-cves-2020 • CWE-287: Improper Authentication CWE-1188: Initialization of a Resource with an Insecure Default •