CVSS 3.1 Score 5.5 of 10 (medium)


Published Aug 2, 2023
Updated: Aug 7, 2023


CVE-2022-2346 is a vulnerability that affects Octopus Deploy. In the affected versions, a low privileged guest user can interact with extension endpoints. The vulnerability has a base severity of MEDIUM and a base score of 5.5 according to the CVSS:3.1 scoring system. It requires low privileges and user interaction, and can be exploited over a network. The potential impact includes low integrity and confidentiality impact, with an availability impact also rated as low. The exploitability score is 2.1 out of 10. Remediation measures should be taken by updating the affected Octopus Deploy versions to mitigate the risk posed by this vulnerability to organizations using the software.


Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2022-2346 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options