{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-30T00:21:41.888","vulnerabilities":[{"cve":{"id":"CVE-2021-31817","sourceIdentifier":"security@octopus.com","published":"2021-07-08T11:15:11.957","lastModified":"2024-11-21T06:06:17.450","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"When configuring Octopus Server if it is configured with an external SQL database, on initial configuration the database password is written to the OctopusServer.txt log file in plaintext."},{"lang":"es","value":"Cuando se configura Octopus Server si está configurado con una base de datos SQL externa, en la configuración inicial la contraseña de la base de datos se escribe en el archivo de registro OctopusServer.txt en texto plano"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-312"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:octopus:server:*:*:*:*:*:*:*:*","versionStartIncluding":"2020.6.0","versionEndExcluding":"2020.6.5146","matchCriteriaId":"035EA471-8FDD-485A-BC94-0BACBE718EEB"},{"vulnerable":true,"criteria":"cpe:2.3:a:octopus:server:*:*:*:*:*:*:*:*","versionStartIncluding":"2021.1.0","versionEndExcluding":"2021.1.7316","matchCriteriaId":"DFC37FF8-2A15-4BD5-888D-FC2AF802535C"}]}]}],"references":[{"url":"https://advisories.octopus.com/adv/2021-06---Cleartext-Storage-of-Sensitive-Information-%28CVE-2021-31817%29.2121138201.html","source":"security@octopus.com"},{"url":"https://advisories.octopus.com/adv/2021-06---Cleartext-Storage-of-Sensitive-Information-%28CVE-2021-31817%29.2121138201.html","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}