CyberSec.Space Logo
Back to CVE Browser

CVE-2021-30183

HIGH
7.5
CVSS Severity Score
EPSS Score0.0200%
EPSS Percentile41.72th
PublishedMay 14, 2021
Last ModifiedNov 21, 2024

Vulnerability Description

Cleartext storage of sensitive information in multiple versions of Octopus Server where in certain situations when running import or export processes, the password used to encrypt and decrypt sensitive values would be written to the logs in plaintext.

Affected Platforms (CPE)

πŸ“¦
Octopus

Server

< 2020.5.329
πŸ“¦
Octopus

Server

>= 2020.6.0 and < 2020.6.4847
πŸ“¦
Octopus

Server

>= 2021.1.0 and < 2021.1.6959

References & Advisories

πŸ”— https://advisories.octopus.com/adv/2021-03---Cleartext-Storage-of-Sensitive-Information-%28CVE-2021-30183%29.1817083941.html
πŸ”— https://github.com/OctopusDeploy/Issues
πŸ”— https://advisories.octopus.com/adv/2021-03---Cleartext-Storage-of-Sensitive-Information-%28CVE-2021-30183%29.1817083941.html
πŸ”— https://github.com/OctopusDeploy/Issues

Related Vulnerabilities

CVE-2017-1013710.0

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: JNDI). Supported versions that ar...

CVE-2017-1290510.0

Server Side Request Forgery vulnerability in Vebto Pixie Image Editor 1.4 and 1.7 allows remote attackers to disclose information ...

CVE-2017-234310.0

The Integrated User Firewall (UserFW) feature was introduced in Junos OS version 12.1X47-D10 on the Juniper SRX Series devices to ...

CVE-2017-1129110.0

An issue was discovered in Adobe Connect 9.6.2 and earlier versions. A Server-Side Request Forgery (SSRF) vulnerability exists tha...

CVE-2021-30183 Detail & Impact Analysis | CVSS 7.5 (HIGH) | Cyber-Sec.Space | Cyber-Sec.Space