PT-2020-16228 · Octopus Deploy · Octopus Deploy

Published

2020-10-12

Updated

2020-10-26

CVE-2020-25825

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Octopus Deploy versions 3.1.0 through 2020.4.0

Description The issue allows certain scripts to reveal sensitive information to the user in the task logs.

Recommendations For versions 3.1.0 through 2020.4.0, update to a version that contains a fix for this issue to prevent sensitive information from being revealed in task logs.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2020-25825

Affected Products

Octopus Deploy

PT-2020-16228 · Octopus Deploy · Octopus Deploy

CVE-2020-25825

Related Identifiers

Affected Products

References · 7