CVE-2024-6972

In affected versions of Octopus Server under certain circumstances it is possible for sensitive variables to be printed in the task log in clear-text.

Published: Jul 25, 2024
Updated: Jul 26, 2024
CVE: CVE-2024-6972
Exploit:

No technical information available.

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
octopus / octopus_server	2024.1.437	2024.1.12759
octopus / octopus_server	2024.2.101	2024.2.9193

https://advisories.octopus.com/post/2024/sa2024-06/

Vulnerability Database

CVE-2024-6972