VDB
CVE-2024-41666
CVE-2024-41666
PUBLISHED
The Argo CD web terminal session does not handle the revocation of user permissions properly.
EPSS 0.10% · 28.1th percentile
Risk Scores
EPSS Score
0.10%
28.1th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bitnami | argo-cd | 2.6.0 |
| Bitnami | argo-cd | 2.6.0, 2.6.0, 2.6.0 |
Timeline
- Jan 21, 1970 Security Advisory
- Jul 24, 2024 CVE Published
- Jul 25, 2024 EPSS Score
- Aug 7, 2024 CVE Updated
- Aug 15, 2024 EPSS Score
- Sep 6, 2024 EPSS Score
- Sep 27, 2024 EPSS Score
- Oct 4, 2024 Coalition ESS Score
- Oct 19, 2024 EPSS Score
- Nov 9, 2024 EPSS Score
- Dec 2, 2024 EPSS Score
- Dec 23, 2024 EPSS Score
References
- https://drive.google.com/file/d/1Fynj5Sho8Lf8CETqsNXZyPKlTDdmgJuN/view?usp=sharing url
- https://github.com/argoproj/argo-cd/commit/05edb2a9ca48f0f10608c1b49fbb0cf7164f6476 url
- https://github.com/argoproj/argo-cd/commit/e96f32d233504101ddac028a5bf8117433d333d6 url
- https://github.com/argoproj/argo-cd/commit/ef535230d8bd8ad7b18aab1ea1063e9751d348c4 url
- https://github.com/argoproj/argo-cd/security/advisories/GHSA-v8wx-v5jq-qhhw url
- https://nvd.nist.gov/vuln/detail/CVE-2024-41666 url