First published: Thu Oct 06 2022(Updated: )
In affected versions of Octopus Server it was identified that the same encryption process was used for both encrypting session cookies and variables.
Credit: security@octopus.com
Affected Software | Affected Version | How to fix |
---|---|---|
Octopus Octopus Server | >=3.2.10<2022.1.3154 | |
Octopus Octopus Server | >=2022.2.6729<2022.2.7897 | |
Octopus Octopus Server | >=2022.3.348<2022.3.10586 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.