CVE-2024-1656

LOW EPSS 14.0%

Published Sep 11, 20241y ago · Modified Jun 17, 20261w ago

2.6 CVSS 3.1

Low

Published Sep 11, 2024 1y ago

Last Modified Jun 17, 2026 1w ago

Description

Affected versions of Octopus Server had a weak content security policy.

Base Score

2.6

Exploitability

1.2

Impact

1.4

Vector string

CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N

Attack Vector Network

Attack Complexity High

Privileges Required Low

User Interaction Required

Scope Unchanged

Confidentiality Low

Integrity None

Availability None

EPSS Exploit Probability

14.0% percentile

Exploit & Patch Status

No Known Exploit

No Patch Available

Vendor	Product	Version	Range
octopus	octopus_server	*	≥2018.1.0 – <2024.2.9193
linux	linux_kernel	*	any
microsoft	windows	*	any

advisories.octopus.com https://advisories.octopus.com/post/2024/sa2024-08/

Vendor Advisory

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.