Vulnerabilities > CVE-2022-1670 - Unspecified vulnerability in Octopus Server
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE Summary
When generating a user invitation code in Octopus Server, the validity of this code can be set for a specific number of users. It was possible to bypass this restriction of validity to create extra user accounts above the initial number of invited users.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |