CVE-2022-1025

Summary

All unpatched versions of Argo CD starting with v1.0.0 are vulnerable to an improper access control bug, allowing a malicious user to potentially escalate their privileges to admin-level.

Affected Software

VendorProductVersion RangeStatus
n/aArgoCD0.5.0 through 2.1.12, 2.2.7, 2.3.1affected

Weaknesses

  • CWE-284: CWE-284->CWE-1220

ADP Enrichment

CVE Program Container

Additional References

References