Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
In Octopus Deploy versions 3.2.11 - 4.1.5 (fixed in 4.1.6), an authenticated user with ProcessEdit permission could reference an Azure account in such a way as to bypass the scoping restrictions, resulting in a potential escalation of privileges.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Octopus Deploy 安全漏洞
Vulnerability Description
Octopus Deploy是澳大利亚Octopus Deploy公司的一款用于.NET、Java等应用程序的开发部署的自动化工具。 Octopus Deploy 3.2.11版本至4.1.5版本中存在安全漏洞。攻击者可利用该漏洞绕过辖域限制,可能提升权限。
CVSS Information
N/A
Vulnerability Type
N/A