In affected versions of Octopus Deploy users of certain browsers using AD to sign-in to Octopus Server were able to bypass authentication checks and be redirected to the configured redirect url without any validation.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://advisories.octopus.com/post/2022/sa2022-26/ |
History
No history.
MITRE
Status: PUBLISHED
Assigner: Octopus
Published: 2023-01-03T00:00:00
Updated: 2024-08-03T01:14:02.447Z
Reserved: 2022-10-19T00:00:00
Link: CVE-2022-3614
Vulnrichment
No data.
NVD
Status : Modified
Published: 2023-01-03T02:15:16.620
Modified: 2024-11-21T07:19:53.053
Link: CVE-2022-3614
Redhat
No data.