{"uuid": "b4d02f87-9e86-4ee6-b0e6-3288c1f5fdf5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-2572", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/15045", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-2572\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In affected versions of Octopus Server where access is managed by an external authentication provider, it was possible that the API key/keys of a disabled/deleted user were still valid after the access was revoked.\n\ud83d\udccf Published: 2022-11-01T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-06T03:37:49.070Z\n\ud83d\udd17 References:\n1. https://advisories.octopus.com/post/2022/sa2022-23/", "creation_timestamp": "2025-05-06T04:20:17.000000Z"}