Vulnerabilities > Argoproj > Argo CD > High

DATE CVE VULNERABILITY TITLE RISK
2021-03-15 CVE-2021-26923 Information Exposure vulnerability in Argoproj Argo CD
An issue was discovered in Argo CD before 1.8.4.
network
low complexity
argoproj CWE-200
7.5
2020-04-08 CVE-2020-8828 Insecure Default Initialization of Resource vulnerability in Argoproj Argo CD
As of v1.5.0, the default admin password is set to the argocd-server pod name.
network
low complexity
argoproj CWE-1188
8.8
2020-04-08 CVE-2020-8827 Improper Restriction of Excessive Authentication Attempts vulnerability in Argoproj Argo CD
As of v1.5.0, the Argo API does not implement anti-automation measures such as rate limiting, account lockouts, or other anti-bruteforce measures.
network
low complexity
argoproj CWE-307
7.5
2020-04-08 CVE-2020-8826 Session Fixation vulnerability in Argoproj Argo CD
As of v1.5.0, the Argo web interface authentication system issued immutable tokens.
network
low complexity
argoproj CWE-384
7.5