Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in Octopus Deploy 3.4. A deployment target can be configured with an Account or Certificate that is outside the scope of the deployment target. An authorised user can potentially use a certificate that they are not in scope to use. An authorised user is also able to obtain certificate metadata by associating a certificate with certain resources that should fail scope validation.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Octopus Deploy 信任管理问题漏洞
Vulnerability Description
Octopus Deploy是澳大利亚Octopus Deploy公司的一款用于.NET、Java等应用程序开发部署的自动化工具。 Octopus Deploy 3.4. A存在安全漏洞,该漏洞允许使用账号或证书配置权限范围之外的目标,攻击者可以利用此漏洞进行越权操作。
CVSS Information
N/A
Vulnerability Type
N/A