CVE-2018-9039

CVE-2018-9039

In Octopus Deploy 2.0 and later before 2018.3.7, an authenticated user, with variable edit permissions, can scope some variables to targets greater than their permissions should allow. In other words, they can see machines beyond their team’s scoped environments.

Source: CVE-2018-9039

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다