Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
In Octopus Deploy 2020.3.x before 2020.3.4 and 2020.4.x before 2020.4.1, if an authenticated user creates a deployment or runbook process using Azure steps and sets the step's execution location to run on the server/worker, then (under certain circumstances) the account password is exposed in cleartext in the verbose task logs output.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Octopus Deploy 日志信息泄露漏洞
Vulnerability Description
Octopus Deploy是澳大利亚Octopus Deploy公司的一款用于.NET、Java等应用程序开发部署的自动化工具。 Octopus Deploy 日志信息泄露漏洞,攻击者可利用该漏洞获取敏感信息。以下是受影响的产品及版本:2020.3.x 至2020.3.4 和 2020.4.x 至 2020.4.1。
CVSS Information
N/A
Vulnerability Type
N/A