PT-2022-14370 · Unknown · Octopus Server

Published

2022-06-12

Updated

2022-06-17

CVE-2022-2013

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Octopus Server versions 2022.1.1495 through 2022.1.2647

Description The issue allows new users to access the Script Console within their private space if private spaces were enabled via the experimental feature flag.

Recommendations For versions 2022.1.1495 through 2022.1.2647, update to version 2022.1.2647 or later to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2022-2013

Affected Products

Octopus Server

PT-2022-14370 · Unknown · Octopus Server

CVE-2022-2013

Related Identifiers

Affected Products

References · 5