Lucene search
China National Vulnerability DatabaseCNVD-2022-85510HistoryNov 29, 2022 - 12:00 a.m.
Octopus Server Information Disclosure Vulnerability
2022-11-2900:00:00
China National Vulnerability Database
www.cnvd.org.cn
8
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Octopus Server, an automated deployment platform, is vulnerable to information disclosure in versions 2022.2.6729 and later up to 2022.2.7965, 2022.3.348 and later up to 2022.3.9163. An attacker could use this vulnerability to obtain sensitive information.
| CPE | Name | Operator | Version |
|---|---|---|---|
| octopus octopus server >=2022.3.348, | lt | 2022.3.9163 | |
| octopus octopus server >=2022.2.6729, | lt | 2022.2.7965 |
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Related for CNVD-2022-85510