Vulnerabilities > CVE-2022-2782 - Insufficient Session Expiration vulnerability in Octopus Server
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
NONE Summary
In affected versions of Octopus Server it is possible for a session token to be valid indefinitely due to improper validation of the session token parameters.