Clear Text Logging of OpenID Client Secret in Octopus Server Configuration

Clear Text Logging of OpenID Client Secret in Octopus Server Configuration

CVE-2023-1904 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

In affected versions of Octopus Server it is possible for the OpenID client secret to be logged in clear text during the configuration of Octopus Server.

Learn more about our Cis Benchmark Audit For Server Software.