Information Disclosure Vulnerability in Octopus Deploy: Unauthorized Space ID Exposure

Information Disclosure Vulnerability in Octopus Deploy: Unauthorized Space ID Exposure

CVE-2022-2760 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

In affected versions of Octopus Deploy it is possible to reveal the Space ID of spaces that the user does not have access to view in an error message when a resource is part of another Space.

Learn more about our User Device Pen Test.