PT-2019-19275 · Octopus Deploy+1 · Octopus Deploy+1
Mcasperson
·
Publicado
2019-02-20
·
Atualizado
2022-07-27
·
CVE-2019-8944
CVSS v3.1
6.5
Média
| Vetor | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Octopus Deploy versions prior to 2018.10.4 LTS
Octopus Deploy versions prior to 2019.1.8
Description
An Information Exposure issue in the Terraform deployment step allows remote authenticated users to view sensitive Terraform output variables via log files.
Recommendations
For versions prior to 2018.10.4 LTS, update to version 2018.10.4 LTS or later.
For versions prior to 2019.1.8, update to version 2019.1.8 or later.
Correção
Insertion into Log File
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Octopus Deploy
Terraform