PT-2019-13732 · Octopus Deploy · Octopus Deploy

Slewis74

Published

2019-08-05

Updated

2022-07-27

CVE-2019-14525

CVSS v3.1

4.9

Medium

Vector

AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Octopus Deploy versions 2019.4.0 through 2019.6.x before 2019.6.6 Octopus Deploy versions 2019.7.x before 2019.7.6

Description An authenticated system administrator can view sensitive values by visiting a server configuration page or making an API call.

Recommendations For Octopus Deploy versions 2019.4.0 through 2019.6.x before 2019.6.6, update to version 2019.6.6 or later. For Octopus Deploy versions 2019.7.x before 2019.7.6, update to version 2019.7.6 or later.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2019-14525

Affected Products

Octopus Deploy

PT-2019-13732 · Octopus Deploy · Octopus Deploy

CVE-2019-14525

Related Identifiers

Affected Products

References · 6