Products
Octopus Server
- UNKNOWN
Source
security@octopus.com
Tags
CVE-2024-7998 details
Published : Aug. 21, 2024, 6:15 a.m.
Last Modified : Aug. 21, 2024, 12:30 p.m.
Last Modified : Aug. 21, 2024, 12:30 p.m.
Description
In affected versions of Octopus Server OIDC cookies were using the wrong expiration time which could result in them using the maximum lifespan.
CVSS Score
1 | 2.6 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 |
---|
Weakness
Weakness | Name | Description |
---|
CVSS Data
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
HIGH
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
Base Score
2.6
Exploitability Score
1.0
Impact Score
1.4
Base Severity
LOW
Vector String : CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:L/I:N/A:N
References
URL | Source |
---|---|
https://advisories.octopus.com/post/2024/sa2024-07/ | security@octopus.com |
This website uses the NVD API, but is not approved or certified by it.