CVE-2022-1670
When generating a user invitation code in Octopus Server, the validity of this code can be set for a specific number of
When generating a user invitation code in Octopus Server, the validity of this code can be set for a specific number of users. It was possible to bypass this restriction of validity to create extra user accounts above the initial number of invited users.
HIGH · CVSS 7.5
EPSS 0.00241
Schedule remediation
- CVSS base score ≥ 7.0
Sigma rules0
YARA rules0