CyberSec.Space Logo
返回 CVE 浏览器

CVE-2021-30183

HIGH
7.5
CVSS Severity Score
EPSS Score0.0200%
EPSS Percentile41.72th
Published2021年5月14日
Last Modified2024年11月21日

Vulnerability Description

Cleartext storage of sensitive information in multiple versions of Octopus Server where in certain situations when running import or export processes, the password used to encrypt and decrypt sensitive values would be written to the logs in plaintext.

Affected Platforms (CPE)

📦
Octopus

Server

< 2020.5.329
📦
Octopus

Server

>= 2020.6.0 and < 2020.6.4847
📦
Octopus

Server

>= 2021.1.0 and < 2021.1.6959

References & Advisories

🔗 https://advisories.octopus.com/adv/2021-03---Cleartext-Storage-of-Sensitive-Information-%28CVE-2021-30183%29.1817083941.html
🔗 https://github.com/OctopusDeploy/Issues
🔗 https://advisories.octopus.com/adv/2021-03---Cleartext-Storage-of-Sensitive-Information-%28CVE-2021-30183%29.1817083941.html
🔗 https://github.com/OctopusDeploy/Issues

相关漏洞威胁

CVE-2017-1013710.0

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: JNDI). Supported versions that ar...

CVE-2017-1290510.0

Server Side Request Forgery vulnerability in Vebto Pixie Image Editor 1.4 and 1.7 allows remote attackers to disclose information ...

CVE-2017-234310.0

The Integrated User Firewall (UserFW) feature was introduced in Junos OS version 12.1X47-D10 on the Juniper SRX Series devices to ...

CVE-2017-1129110.0

An issue was discovered in Adobe Connect 9.6.2 and earlier versions. A Server-Side Request Forgery (SSRF) vulnerability exists tha...