CVE-2017-15610
CVE-2017-15610
An issue was discovered in Octopus before 3.17.7. When the special Guest user account is granted the CertificateExportPrivateKey permission, and Guest Access is enabled for the Octopus Server, an attacker can sign in as the Guest account and export Certificates managed by Octopus, including the private key.
Productos afectados
n/a · n/a¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →