VYPR
Low severity3.5NVD Advisory· Published Apr 30, 2024· Updated Jun 17, 2026

CVE-2024-4226

CVE-2024-4226

Description

It was identified that in certain versions of Octopus Server, that a user created with no permissions could view all users, user roles and permissions. This functionality was removed in versions of Octopus Server after the fixed versions listed.

Affected products

2
  • Octopus/Serverllm-fuzzy2 versions
    (expand)+ 1 more
    • (no CPE)
    • (no CPE)range: 2022.2.5205

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.