← volver
CVE-2022-1881

CVE-2022-1881

EPSS 0.5%
In affected versions of Octopus Server an Insecure Direct Object Reference vulnerability exists where it is possible for a user to download Project Exports from a Project they do not have permissions to access. This vulnerability only impacts projects within the same Space.
Productos afectados
Octopus Deploy · Octopus Server

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://advisories.octopus.com/post/2022/sa2022-06/