Количество 2
Количество 2
CVE-2020-8828
As of v1.5.0, the default admin password is set to the argocd-server pod name. For insiders with access to the cluster or logs, this issue could be abused for privilege escalation, as Argo has privileged roles. A malicious insider is the most realistic threat, but pod names are not meant to be kept secret and could wind up just about anywhere.
GHSA-h8jc-jmrf-9h8f
Argo CD Insecure default administrative password
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2020-8828 As of v1.5.0, the default admin password is set to the argocd-server pod name. For insiders with access to the cluster or logs, this issue could be abused for privilege escalation, as Argo has privileged roles. A malicious insider is the most realistic threat, but pod names are not meant to be kept secret and could wind up just about anywhere. | CVSS3: 8.8 | 0% Низкий | почти 6 лет назад |
| GHSA-h8jc-jmrf-9h8f Argo CD Insecure default administrative password | CVSS3: 8.8 | 0% Низкий | больше 4 лет назад |
Уязвимостей на страницу