Vulnerabilities > CVE-2022-2013 - Unspecified vulnerability in Octopus Deploy

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
network
octopus

Summary

In Octopus Server after version 2022.1.1495 and before 2022.1.2647 if private spaces were enabled via the experimental feature flag all new users would have access to the Script Console within their private space.

Vulnerable Configurations

Part Description Count
Application
Octopus
1
OS
Microsoft
1
OS
Linux
1