Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. The vulnerability allows unauthorized access to the sensitive settings exposed by /api/v1/settings endpoint without authentication. All sensitive settings are hidden except passwordPattern.
View the template here CVE-2024-37152.yaml
References:
https://nvd.nist.gov/vuln/detail/CVE-2024-37152