In Octopus Deploy 2.0 and later prior to 2018.3.7, an authenticated user, with variable edit permissions, can scope some variables to targets greater than their permissions should allow. In other words, they can see machines beyond their team's scoped environments.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
octopus octopus deploy |