CVE-2021-26556
N/A
N/A
Summary
When Octopus Server is installed using a custom folder location, folder ACLs are not set correctly and could lead to an unprivileged user using DLL side-loading to gain privileged access.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Octopus Deploy | Octopus Server | 0.9 < unspecified | affected |
| Octopus Deploy | Octopus Server | unspecified < 2020.4.229 | affected |
| Octopus Deploy | Octopus Server | 2020.5.0 < unspecified | affected |
| Octopus Deploy | Octopus Server | unspecified < 2020.5.256 | affected |
Weaknesses
- Local privilege escalation in Octopus Server (Windows)
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.