Lucene search
OctopusCVELIST:CVE-2022-2780HistoryOct 14, 2022 - 12:00 a.m.
CVE-2022-2780
2022-10-1400:00:00
Octopus
www.cve.org
3
octopus server
vcs
git
smb
ntlm relay
cve-2022-2780
In affected versions of Octopus Server it is possible to use the Git Connectivity test function on the VCS project to initiate an SMB request resulting in the potential for an NTLM relay attack.
CNA Affected
[
{
"vendor": "Octopus Deploy",
"product": "Octopus Server",
"versions": [
{
"version": "2021.2.994",
"status": "affected",
"lessThan": "unspecified",
"versionType": "custom"
},
{
"version": "unspecified",
"lessThan": "2022.1.3180",
"status": "affected",
"versionType": "custom"
},
{
"version": "2022.2.6729",
"status": "affected",
"lessThan": "unspecified",
"versionType": "custom"
},
{
"version": "unspecified",
"lessThan": "2022.2.7965",
"status": "affected",
"versionType": "custom"
},
{
"version": "2022.3.348",
"status": "affected",
"lessThan": "unspecified",
"versionType": "custom"
},
{
"version": "unspecified",
"lessThan": "2022.3.10586",
"status": "affected",
"versionType": "custom"
}
]
}
]Related
nvd
nvd
CVE-2022-2780
2022-10-14 07:15:08
prion
prion
Cross site request forgery (csrf)
2022-10-14 07:15:00
cve
cve
CVE-2022-2780
2022-10-14 07:15:08