How severe is CVE-2022-2782?

CVE-2022-2782 has a CVSS v3 score of 9.1 (CRITICAL).

CVE-2022-2782

Name: octopus_server
Author: octopus

9.1CRITICAL

In affected versions of Octopus Server it is possible for a session token to be valid indefinitely due to improper validation of the session token parameters.

Опубликовано: 10/27/2022Обновлено: 5/7/2025

Описание

In affected versions of Octopus Server it is possible for a session token to be valid indefinitely due to improper validation of the session token parameters.

ИИ-АнализНа базе ИИ

Затронутые продукты

octopusoctopus_server

Ссылки

https://advisories.octopus.com/post/2022/sa2022-21/
Vendor Advisory
https://advisories.octopus.com/post/2022/sa2022-21/
Vendor Advisory