← voltar
CVE-2018-9039

CVE-2018-9039

EPSS 1.0%
In Octopus Deploy 2.0 and later before 2018.3.7, an authenticated user, with variable edit permissions, can scope some variables to targets greater than their permissions should allow. In other words, they can see machines beyond their team's scoped environments.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://github.com/OctopusDeploy/Issues/issues/4407https://octopus.com/downloads/compare?from=2018.3.6&to=2018.3.7