CVE-2022-30532

Summary

In affected versions of Octopus Deploy, there is no logging of changes to artifacts within Octopus Deploy.

Affected Software

VendorProductVersion RangeStatus
Octopus DeployOctopus Server0.9 < unspecifiedaffected
Octopus DeployOctopus Serverunspecified < 2021.3.13021affected
Octopus DeployOctopus Server2022.1.2121 < unspecifiedaffected
Octopus DeployOctopus Serverunspecified < 2022.1.2849affected
Octopus DeployOctopus Server2022.3.348 < unspecifiedaffected
Octopus DeployOctopus Serverunspecified < 2022.3.2387affected

Weaknesses

  • Insufficient Logging

ADP Enrichment

CVE Program Container

Additional References

References