CVE-2024-1656

Summary

Affected versions of Octopus Server had a weak content security policy.

Affected Software

VendorProductVersion RangeStatus
Octopus DeployOctopus Server2018.1.0 < 2024.2.9193affected

Weaknesses

  • Insufficient Content Security Policy Configuration

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References