CVE-2022-1025
CVE-2022-1025
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS —EPSS 1.1%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
12 Jul 2022Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
All unpatched versions of Argo CD starting with v1.0.0 are vulnerable to an improper access control bug, allowing a malicious user to potentially escalate their privileges to admin-level.
Affected products
n/a · ArgoCDWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →