Lucene search
GoogleOSV:CVE-2021-21270HistoryJan 22, 2021 - 6:15 p.m.
CVE-2021-21270
2021-01-2218:15:12
Google
osv.dev
3
OctopusDSC is a PowerShell module with DSC resources that can be used to install and configure an Octopus Deploy Server and Tentacle agent. In OctopusDSC version 4.0.977 and earlier a customer API key used to connect to Octopus Server is exposed via logging in plaintext. This vulnerability is patched in version 4.0.1002.
| CPE | Name | Operator | Version |
|---|---|---|---|
| octopusdsc | eq | 3.0.167 | |
| octopusdsc | eq | 4.0.235 | |
| octopusdsc | eq | 3.0.92 | |
| octopusdsc | eq | 3.0.147 | |
| octopusdsc | eq | 3.0.39 | |
| octopusdsc | eq | 4.0.401 | |
| octopusdsc | eq | 4.0.433 | |
| octopusdsc | eq | 4.0.831 | |
| octopusdsc | eq | 4.0.924 | |
| octopusdsc | eq | 4.0.537 |
Related
cve
cve
CVE-2021-21270
2021-01-22 18:15:12
prion
prion
Design/Logic Flaw
2021-01-22 18:15:00
nvd
nvd
CVE-2021-21270
2021-01-22 18:15:12
cvelist
cvelist
CVE-2021-21270 Cleartext Storage of Sensitive Information
2021-01-22 18:05:24