CVE-2024-52814
CVSS 3.1 Score 2.8 of 10 (low)
Details
Published Nov 22, 2024
CWE ID 1220
Summary
CVE-2024-52814 is a vulnerability affecting Argo Helm, a collection of community charts for `argoproj.github.io` projects. Prior to version 0.45.0, the `workflow-role` in Argo Helm lacked granularity in its privileges, granting permissions to `workflowtasksets` and `workflowartifactgctasks` for all workflow Pods, despite only specific types requiring these privileges. This issue poses a minimal risk, as attackers could only manipulate status reporting for certain types of Pods and templates. The vulnerability is resolved in version 0.45.0.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share