In Octopus Deploy 2019.7.3 through 2019.7.9, in certain circumstances, an authenticated user with VariableView permissions could view sensitive values. This is fixed in 2019.7.10.
References
Link | Resource |
---|---|
https://github.com/OctopusDeploy/Issues/issues/5810 | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2019-08-27T16:53:48
Updated: 2019-08-27T16:53:48
Reserved: 2019-08-27T00:00:00
Link: CVE-2019-15698
JSON object: View
NVD Information
Status : Analyzed
Published: 2019-08-27T17:15:11.210
Modified: 2022-07-27T16:58:52.793
Link: CVE-2019-15698
JSON object: View
Redhat Information
No data.
CWE