CVE-2017-17665
Octopus Deploy prior to 4.1.3 is affected: the machine update process does not verify a user’s access to all environments, enabling an access‑control bypass by scoping a machine to environments the user cannot access. Vulnerable component: machine update process; root cause: missing environment‑l...