CVE-2026-3236
CVE-2026-3236
In affected versions of Octopus Server it was possible to create a new API key from an existing access token resulting in the new API key having a lifetime exceeding the original API key used to mint the access token.
CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
Produtos afetados
Octopus Deploy · Octopus ServerQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →