VYPR
Medium severity6.5NVD Advisory· Published Feb 16, 2022· Updated Jun 17, 2026

CVE-2021-3557

CVE-2021-3557

Description

A flaw was found in argocd. Any unprivileged user is able to deploy argocd in their namespace and with the created ServiceAccount argocd-argocd-server, the unprivileged user is able to read all resources of the cluster including all secrets which might enable privilege escalations. The highest threat from this vulnerability is to data confidentiality.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • ArgoCD/ArgoCDcpe-rescue2 versions
    (expand)+ 1 more
    • (no CPE)
    • (no CPE)

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.