Script Console Access Vulnerability in Octopus Server (Versions 2022.1.1495 - 2022.1.2647)

Script Console Access Vulnerability in Octopus Server (Versions 2022.1.1495 - 2022.1.2647)

CVE-2022-2013 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

In Octopus Server after version 2022.1.1495 and before 2022.1.2647 if private spaces were enabled via the experimental feature flag all new users would have access to the Script Console within their private space.

Learn more about our Cis Benchmark Audit For Server Software.