CVE-2020-8827

As of v1.5.0, the Argo API does not implement anti-automation measures such as rate limiting, account lockouts, or other anti-bruteforce measures. Attackers can submit an unlimited number of authentication attempts without consequence.
Configurations

Configuration 1

cpe:2.3:a:linuxfoundation:argo_continuous_delivery:*:*:*:*:*:kubernetes:*:*

Information

Published : 2020-04-08 08:15

Updated : 2021-07-21 11:39


NVD link : CVE-2020-8827

Mitre link : CVE-2020-8827

Products Affected
No products.
CWE
CWE-307

Improper Restriction of Excessive Authentication Attempts