CVE-2024-2975
HIGHDescription
A race condition was identified through which privilege escalation was possible in certain configurations.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| octopus | octopus_server |
| octopus | octopus_server |
| octopus | octopus_server |
| linux | linux_kernel |
| microsoft | windows |
References
Frequently Asked Questions
What is CVE-2024-2975? +
How severe is CVE-2024-2975? +
What products are affected by CVE-2024-2975? +
How do I check if I'm vulnerable to CVE-2024-2975? +
Related Vulnerabilities
In multiple functions of UserController.java, there is a possible lock screen bypass due to a race condition. This could lead …
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Linux and Microsoft Windows Octopus Server …
In affected Microsoft Windows versions of Octopus Deploy, the server can be coerced into sending server-side requests that contain authentication …
In affected versions of Octopus Server the preview import feature could be leveraged to identify the existence of a target …
In affected versions of Octopus Server under certain circumstances it is possible for sensitive variables to be printed in the …
In affected versions of Octopus Deploy it was possible to upload files to unexpected locations on the host using an …