CVE-2022-30532 : In affected versions of Octopus Deploy, there is no logging of changes to artifa

In affected versions of Octopus Deploy, there is no logging of changes to artifacts within Octopus Deploy.

Published 2022-07-19 07:15:07

Updated 2022-08-18 13:49:55

Source Octopus Deploy

View at NVD, CVE.org

Products affected by CVE-2022-30532

Octopus » Octopus Server
Versions from including (>=) 0.9 and before (<) 2021.3.13021
cpe:2.3:a:octopus:octopus_server:*:*:*:*:*:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
When used together with: Microsoft » Windows » Version: N/A
Octopus » Octopus Server
Versions from including (>=) 2022.3.348 and before (<) 2022.3.2387
cpe:2.3:a:octopus:octopus_server:*:*:*:*:*:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
When used together with: Microsoft » Windows » Version: N/A
Octopus » Octopus Server
Versions from including (>=) 2022.1.0 and before (<) 2022.1.2849
cpe:2.3:a:octopus:octopus_server:*:*:*:*:*:*:*:*
Matching versions
When used together with: Linux » Linux Kernel » Version: N/A
When used together with: Microsoft » Windows » Version: N/A

Exploit prediction scoring system (EPSS) score for CVE-2022-30532

EPSS FAQ

0.20%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 42 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2022-30532

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
5.3	MEDIUM	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N	3.9	1.4	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: None Integrity: Low Availability: None

References for CVE-2022-30532

https://advisories.octopus.com/post/2022/sa2022-08/

Security Advisory 2022-08 | Octopus Deploy Security Advisories
Vendor Advisory

Jump to

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!