CVE-2022-2013

2022-06-1223:50:09

Octopus

www.cve.org

0.002 Low

EPSS

Percentile

51.5%

JSON

In Octopus Server after version 2022.1.1495 and before 2022.1.2647 if private spaces were enabled via the experimental feature flag all new users would have access to the Script Console within their private space.

CNA Affected

[
  {
    "product": "Octopus Server",
    "vendor": "Octopus Deploy",
    "versions": [
      {
        "lessThan": "unspecified",
        "status": "affected",
        "version": "2022.1.1495",
        "versionType": "custom"
      },
      {
        "lessThan": "2022.1.2647",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

References

advisories.octopus.com/post/2022/sa2022-05/

0.002 Low

EPSS

Percentile

51.5%

JSON

Related for CVELIST:CVE-2022-2013