CVE-2024-2975

Summary

A race condition was identified through which privilege escalation was possible in certain configurations.

Affected Software

VendorProductVersion RangeStatus
Octopus DeployOctopus Server0.9 < 2023.4.8432affected
Octopus DeployOctopus Server2024.1.437 < 2024.1.12087affected
Octopus DeployOctopus Server2024.2.101 < 2024.2.2075affected

Weaknesses

  • Race condition could lead to privilege escalation

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

CVE Program Container

Additional References

References