When Octopus Server is installed using a custom folder location, folder ACLs are not set correctly and could lead to an unprivileged user using DLL side-loading to gain privileged access.
CPE | Name | Operator | Version |
---|---|---|---|
octopus_deploy | ge | 0.9 | |
octopus_deploy | lt | 2020.4.229 | |
octopus_server | ge | 2020.5.0 | |
octopus_server | lt | 2020.5.256 |