Low severity3.5NVD Advisory· Published Apr 30, 2024· Updated Jun 17, 2026
CVE-2024-4226
CVE-2024-4226
Description
It was identified that in certain versions of Octopus Server, that a user created with no permissions could view all users, user roles and permissions. This functionality was removed in versions of Octopus Server after the fixed versions listed.
Affected products
2Patches
Vulnerability mechanics
References
1- advisories.octopus.com/post/2024/SA2024-03/nvdBroken Link
News mentions
0No linked articles in our index yet.