CVE-2024-37152
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. The vulnerability allows unauthorized access to the sensitive settings exposed by /api/v1/settings endpoint without authentication. All sensitive settings are hidden except passwordPattern. This vulnerability is fixed in 2.11.3, 2.10.12, and 2.9.17.
Learn more about our Cis Benchmark Audit For Kubernetes.
Learn more about our Cis Benchmark Audit For Kubernetes.