Vulnerabilities > CVE-2020-27155 - Unspecified vulnerability in Octopus Deploy
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
HIGH Availability impact
NONE Summary
An issue was discovered in Octopus Deploy through 2020.4.4. If enabled, the websocket endpoint may allow an untrusted tentacle host to present itself as a trusted one.
Vulnerable Configurations
References
- https://github.com/OctopusDeploy
- https://github.com/OctopusDeploy
- https://github.com/OctopusDeploy/Issues/issues/6637
- https://github.com/OctopusDeploy/Issues/issues/6637
- https://github.com/OctopusDeploy/Issues/issues/6639
- https://github.com/OctopusDeploy/Issues/issues/6639
- https://github.com/OctopusDeploy/Issues/issues/6640
- https://github.com/OctopusDeploy/Issues/issues/6640