CVE-2022-23184

2022-02-0702:35:09

Octopus

www.cve.org

octopus server

open redirects

localhost_bindings

EPSS

0.001

Percentile

32.6%

JSON

In affected Octopus Server versions when the server HTTP and HTTPS bindings are configured to localhost, Octopus Server will allow open redirects.

CNA Affected

[
  {
    "product": "Octopus Server",
    "vendor": "Octopus Deploy",
    "versions": [
      {
        "lessThan": "2021.2.8011",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThan": "2021.3.11057",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

References

advisories.octopus.com/post/2022/sa2022-02/

EPSS

0.001

Percentile

32.6%

JSON

Related for CVELIST:CVE-2022-23184