CVE-2021-23135

Summary

Exposure of System Data to an Unauthorized Control Sphere vulnerability in web UI of Argo CD allows attacker to cause leaked secret data into web UI error messages and logs. This issue affects Argo CD 1.8 versions prior to 1.8.7; 1.7 versions prior to 1.7.14.

Affected Software

VendorProductVersion RangeStatus
Argo CDArgo CD1.8 < 1.8.7affected
Argo CDArgo CD1.7 < 1.7.14affected

Weaknesses

  • CWE-497: CWE-497 Exposure of System Data to an Unauthorized Control Sphere

ADP Enrichment

CVE Program Container

Additional References

References