CVE-2021-21270 – OctopusDSC is a PowerShell module with DSC resources that can be used to install and confi …

Vuln ID: CVE-2021-21270

Published:  2021-01-22  18:15:12Z

Description: OctopusDSC is a PowerShell module with DSC resources that can be used to install and configure an Octopus Deploy Server and Tentacle agent. In OctopusDSC version 4.0.977 and earlier a customer API key used to connect to Octopus Server is exposed via logging in plaintext.

This vulnerability is patched in version 4.0.1002.

Source: NVD.NIST.GOV

 


Date:

Categorie(s):

Tag(s):