Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cleartext Storage of Sensitive Information
Vulnerability Description
OctopusDSC is a PowerShell module with DSC resources that can be used to install and configure an Octopus Deploy Server and Tentacle agent. In OctopusDSC version 4.0.977 and earlier a customer API key used to connect to Octopus Server is exposed via logging in plaintext. This vulnerability is patched in version 4.0.1002.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Vulnerability Type
敏感数据的明文传输
Vulnerability Title
Octopus DSC 安全漏洞
Vulnerability Description
Octopus DSC是一个带有DSC资源的PowerShell模块,可以用来安装和配置Octopus Deploy服务器和触手代理。 Octopus DSC version 4.0.977 and earlier 存在安全漏洞,该漏洞源于允许通过明文登录来公开用于连接服务器的客户API密钥。
CVSS Information
N/A
Vulnerability Type
N/A