CVE-2022-2760

In affected versions of Octopus Deploy it is possible to reveal the Space ID of spaces that the user does not have access to view in an error message when a resource is part of another Space.
References
Link Resource
https://advisories.octopus.com/post/2022/sa2022-14/ Patch Vendor Advisory
Configurations

Configuration 1

cpe:2.3:a:octopus:octopus_server:*:*:*:*:*:*:*:*
cpe:2.3:a:octopus:octopus_server:*:*:*:*:*:*:*:*
cpe:2.3:a:octopus:octopus_server:*:*:*:*:*:*:*:*

Information

Published : 2022-09-28 12:15

Updated : 2022-09-29 04:37


NVD link : CVE-2022-2760

Mitre link : CVE-2022-2760

Products Affected
No products.
CWE