CVE-2021-31820

CVE-2021-31820

EPSS 0.6%

In Octopus Server after version 2018.8.2 if the Octopus Server Web Request Proxy is configured with authentication, the password is shown in plaintext in the UI.

Affected products

Octopus Deploy · Octopus Server

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://advisories.octopus.com/adv/2021-07---Proxy-Password-Stored-in-Plaintext-%28CVE-2021-31820%29.2193063986.html