Related Vulnerabilities: CVE-2022-24730  

A flaw was found in ArgoCD. This flaw allows an attacker with read-only repository access to leak files from the repo server that the attacker should not have access to. An attacker can send a crafted request to retrieve file contents. This issue results in the disclosure of sensitive information to an unauthorized actor and compromises data confidentiality.

Additional Information

  • Bugzilla 2062751: CVE-2022-24730 argocd: path traversal and improper access control allows leaking out-of-bound files
  • CWE-22->CWE-863->CWE-200: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') leads to Incorrect Authorization leads to Exposure of Sensitive Information to an Unauthorized Actor
  • FAQ: Frequently asked questions about CVE-2022-24730
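The CWE chain above starts with path traversal (CWE-22): a repo-relative path supplied by the client is joined onto the repository directory without confirming that the result still lies inside it. The following Go function is an added illustration of the containment check that closes that class of bug; it is not ArgoCD's code, and the root `/repo` and the file names used in `main` are constructed for the example.

```go
package main

import (
	"errors"
	"fmt"
	"path/filepath"
	"strings"
)

// ErrOutsideRoot is returned when a requested path would resolve outside the repository root.
var ErrOutsideRoot = errors.New("requested path escapes repository root")

// SafeJoin resolves a client-supplied, repository-relative path against root and
// rejects any result that does not stay under root. It normalises ".." and "."
// segments first, so "manifests/../../x" is caught as well as a leading "../".
// Added example of the CWE-22 mitigation; not ArgoCD's own implementation.
func SafeJoin(root, requested string) (string, error) {
	absRoot, err := filepath.Abs(root)
	if err != nil {
		return "", err
	}
	absRoot = filepath.Clean(absRoot)

	// Only repository-relative paths are meaningful; an absolute client path is always rejected.
	if filepath.IsAbs(requested) {
		return "", ErrOutsideRoot
	}

	joined := filepath.Clean(filepath.Join(absRoot, requested))

	// The result must be the root itself or strictly below root followed by a separator.
	// Comparing with the trailing separator prevents "/repo2" from passing a "/repo" prefix test.
	if joined != absRoot && !strings.HasPrefix(joined, absRoot+string(filepath.Separator)) {
		return "", ErrOutsideRoot
	}
	return joined, nil
}

func main() {
	// Constructed sample inputs: one legitimate path and three that try to leave the root.
	for _, req := range []string{"manifests/app.yaml", "../outside.txt", "manifests/../../outside.txt", "/etc/hostname"} {
		p, err := SafeJoin("/repo", req)
		if err != nil {
			fmt.Printf("%-32q rejected: %v\n", req, err)
			continue
		}
		fmt.Printf("%-32q -> %s\n", req, p)
	}
}
```

The lexical check above is only the first half of the mitigation: it does not follow symlinks, so a repository containing a link pointing outside the checkout would still pass. A server that serves file contents should additionally resolve the final path with `filepath.EvalSymlinks` after it exists on disk and run the same prefix comparison on the resolved result, and it should apply both checks after the caller's authorization for that repository has been verified (the CWE-863 step in the chain).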