CVE-2022-1025 - Incorrect Authorization vulnerability in Linuxfoundation Argo-Cd

047910
CVSS 9.0 - CRITICAL
Attack vector: NETWORK
Attack complexity: LOW
Privileges required: SINGLE
Confidentiality impact: COMPLETE
Integrity impact: COMPLETE
Availability impact: COMPLETE
Tags: network, low complexity, linuxfoundation, CWE-863, critical

Summary

All unpatched versions of Argo CD starting with v1.0.0 are vulnerable to an improper access control bug, allowing a malicious user to potentially escalate their privileges to admin-level.

Vulnerable Configurations

Part         Description      Count
Application  Linuxfoundation  169

Common Weakness Enumeration (CWE)