Sensitive Value Exposure in Octopus Deploy 2019.7.3 through 2019.7.9

Sensitive Value Exposure in Octopus Deploy 2019.7.3 through 2019.7.9

CVE-2019-15698 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:N/A:N

In Octopus Deploy 2019.7.3 through 2019.7.9, in certain circumstances, an authenticated user with VariableView permissions could view sensitive values. This is fixed in 2019.7.10.

Learn more about our User Device Pen Test.