CVE-2022-2528
N/A
N/A
Summary
In affected versions of Octopus Deploy it is possible to upload a package to built-in feed with insufficient permissions after re-indexing packages.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Octopus Deploy | Octopus Server | 3.0 < unspecified | affected |
| Octopus Deploy | Octopus Server | unspecified < 2022.1.3106 | affected |
| Octopus Deploy | Octopus Server | 2022.2.6729 < unspecified | affected |
| Octopus Deploy | Octopus Server | unspecified < 2022.2.7718 | affected |
| Octopus Deploy | Octopus Server | 2022.3.348 < unspecified | affected |
| Octopus Deploy | Octopus Server | unspecified < 2022.3.7782 | affected |
Weaknesses
- Broken Access Control
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.