PT-2019-14330 · Octopus Deploy · Octopus Deploy
Published
2019-08-27
·
Updated
2022-07-27
·
CVE-2019-15698
CVSS v3.1
4.3
Medium
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Octopus Deploy versions 2019.7.3 through 2019.7.9
Description
The issue allows an authenticated user with VariableView permissions to view sensitive values under certain circumstances.
Recommendations
For versions 2019.7.3 through 2019.7.9, update to version 2019.7.10 to resolve the issue.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Octopus Deploy