Clear Text Logging of OpenID Client Secret in Octopus Server Configuration
CVE-2023-1904 · HIGH Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
In affected versions of Octopus Server it is possible for the OpenID client secret to be logged in clear text during the configuration of Octopus Server.
Learn more about our Cis Benchmark Audit For Server Software.