{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2025-0526","assignerOrgId":"6f4f8c89-ef06-4bae-a2a5-6734ddf76272","state":"PUBLISHED","assignerShortName":"Octopus","dateReserved":"2025-01-17T03:24:52.395Z","datePublished":"2025-02-11T10:09:56.067Z","dateUpdated":"2025-03-18T17:50:08.178Z"},"containers":{"cna":{"affected":[{"defaultStatus":"unaffected","platforms":["Windows"],"product":"Octopus Server","vendor":"Octopus Deploy","versions":[{"lessThan":"2024.3.13097","status":"affected","version":"2022.4.791","versionType":"custom"},{"lessThan":"2024.4.7091","status":"affected","version":"2024.4.401","versionType":"custom"}]}],"credits":[{"lang":"en","type":"finder","value":"This vulnerability was found by Edward Prior (@JankhJankh)"}],"descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"In affected versions of Octopus Deploy it was possible to upload files to unexpected locations on the host using an API endpoint. The field lacked validation which could potentially result in ways to circumvent expected workflows."}],"value":"In affected versions of Octopus Deploy it was possible to upload files to unexpected locations on the host using an API endpoint. The field lacked validation which could potentially result in ways to circumvent expected workflows."}],"metrics":[{"cvssV4_0":{"Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","Safety":"NOT_DEFINED","attackComplexity":"LOW","attackRequirements":"PRESENT","attackVector":"NETWORK","baseScore":2.3,"baseSeverity":"LOW","privilegesRequired":"LOW","providerUrgency":"NOT_DEFINED","subAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","userInteraction":"NONE","valueDensity":"NOT_DEFINED","vectorString":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N","version":"4.0","vulnAvailabilityImpact":"LOW","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"LOW","vulnerabilityResponseEffort":"NOT_DEFINED"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"description":"File Upload Path Traversal","lang":"en"}]}],"providerMetadata":{"orgId":"6f4f8c89-ef06-4bae-a2a5-6734ddf76272","shortName":"Octopus","dateUpdated":"2025-02-11T10:20:54.415Z"},"references":[{"url":"https://advisories.octopus.com/post/2024/sa2025-03/"}],"source":{"discovery":"EXTERNAL"},"x_generator":{"engine":"Vulnogram 0.1.0-dev"}},"adp":[{"problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-862","lang":"en","description":"CWE-862 Missing Authorization"}]}],"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2025-02-11T14:25:59.593142Z","id":"CVE-2025-0526","options":[{"Exploitation":"none"},{"Automatable":"yes"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-03-18T17:50:08.178Z"}},{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2025-02-25T18:34:12.724Z"},"references":[{"url":"https://advisories.octopus.com/post/2025/sa2025-03/"}],"title":"CVE Program Container","x_generator":{"engine":"ADPogram 0.0.1"}}]}}