CVE-2024-7998: In affected versions of Octopus Server OIDC cookies were using the wrong expiration time which could result in them using the maximum lifespan.

2.6 CVSS

Description

In affected versions of Octopus Server OIDC cookies were using the wrong expiration time which could result in them using the maximum lifespan.

CVSS Base Severity: LOW

CVSS Base Score: 2.6

Vendor: Octopus Deploy

Product: Octopus Server

EPSS Score: 0.04% (probability of being exploited)

EPSS Percentile: 11.44% (scored less or equal to compared to others)

EPSS Date: 2025-02-03 (when was this score calculated)

2024-12-04 00:11:45 UTC
CVE

In affected versions of Octopus Server OIDC cookies were using the wrong expiration time which could result in them using the maximum lifespan.