In affected versions of Octopus Server it is possible to reveal information about teams via the API due to an Insecure Direct Object Reference (IDOR) vulnerability
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://advisories.octopus.com/post/2022/sa2022-19/ |
History
No history.
MITRE
Status: PUBLISHED
Assigner: Octopus
Published: 2022-10-13T00:00:00
Updated: 2024-08-03T00:52:59.569Z
Reserved: 2022-08-16T00:00:00
Link: CVE-2022-2828
Vulnrichment
No data.
NVD
Status : Modified
Published: 2022-10-13T05:15:08.947
Modified: 2024-11-21T07:01:45.973
Link: CVE-2022-2828
Redhat
No data.