Permissions were not properly verified in the API on projects using version control in Git. This allowed projects to be modified by users with only ProjectView permissions.
References
Link | Resource |
---|---|
https://advisories.octopus.com/post/2022/sa2022-03/ | Patch Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: Octopus
Published: 2022-05-04T06:15:11
Updated: 2022-05-04T06:15:11
Reserved: 2022-04-27T00:00:00
Link: CVE-2022-1502
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-05-04T07:15:07.210
Modified: 2023-08-08T14:22:24.967
Link: CVE-2022-1502
JSON object: View
Redhat Information
No data.
CWE