Security Advisory

CVE-2019-11632

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-05-01 13:07:14

Last updated 2024-08-04 22:55:41

Assigner mitre

State PUBLISHED

Description

In Octopus Deploy 2019.1.0 through 2019.3.1 and 2019.4.0 through 2019.4.5, an authenticated user with the VariableViewUnscoped or VariableEditUnscoped permission scoped to a specific project could view or edit unscoped variables from a different project. (These permissions are only used in custom User Roles and do not affect built in User Roles.)

← Browse all CVEs View on cve.org ↗