Critical Vulnerability: Encryption Weakness in Octopus Server Exposes Session Cookies and Variables
CVE-2022-2781 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
In affected versions of Octopus Server it was identified that the same encryption process was used for both encrypting session cookies and variables.
Learn more about our Cis Benchmark Audit For Server Software.