CVE-2021-31822

Summary

When Octopus Tentacle is installed on a Linux operating system, the systemd service file permissions are misconfigured. This could lead to a local unprivileged user modifying the contents of the systemd service file to gain privileged access.

Affected Software

VendorProductVersion RangeStatus
Octopus DeployOctopus Tentacle3.15.4 < unspecifiedaffected
Octopus DeployOctopus Tentacleunspecified < 6.1.1116affected

Weaknesses

  • Local privilege escalation in Octopus Tentacle

ADP Enrichment

CVE Program Container

Additional References

References