CVE-2017-15610
The CVE describes a vulnerability in Octopus Deploy where, prior to version 3.17.7, granting the CertificateExportPrivateKey permission to the special Guest user and enabling Guest Access allows an attacker to sign in as Guest and export certificates managed by Octopus, including private keys. Af...