CVE-2019-14525
N/A
N/A
Summary
In Octopus Deploy 2019.4.0 through 2019.6.x before 2019.6.6, and 2019.7.x before 2019.7.6, an authenticated system administrator is able to view sensitive values by visiting a server configuration page or making an API call.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://github.com/OctopusDeploy/Issues/issues/5753
- https://github.com/OctopusDeploy/Issues/issues/5754
- https://octopus.com/downloads/compare?from=2019.6.6&to=2019.7.7
References
- https://github.com/OctopusDeploy/Issues/issues/5753
- https://github.com/OctopusDeploy/Issues/issues/5754
- https://octopus.com/downloads/compare?from=2019.6.6&to=2019.7.7
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.