Okta Exposure
Category: Authentication
Exposure score: 13
Sites using it: 6703
Under exploitation: 0
Critical: 0
CVEs
15 results

CVE | Severity | EPSS | Description
CVE-2022-24295 | — | 17.9% | Okta Advanced Server Access Client for Windows prior to version 1.57.0 was found to be vulnerable to command injection via a specially craft…
CVE-2022-1030 | — | 1.5% | Okta Advanced Server Access Client for Linux and macOS prior to version 1.58.0 was found to be vulnerable to command injection via a special…
CVE-2023-0093 | HIGH | 1.1% | Okta Advanced Server Access Client versions 1.13.1 through 1.65.0 are vulnerable to command injection due to the third party library webbrow…
CVE-2024-10327 | HIGH | 0.6% | A vulnerability in Okta Verify for iOS versions 9.25.1 (beta) and 9.27.0 (including beta) allows push notification responses through the iOS…
CVE-2024-0980 | HIGH | 0.5% | The Auto-update service for Okta Verify for Windows is vulnerable to two flaws which in combination could be used to execute arbitrary code.
CVE-2022-3145 | MEDIUM | 0.4% | An open redirect vulnerability exists in Okta OIDC Middleware prior to version 5.0.0 allowing an attacker to redirect a user to an arbitrary…
CVE-2024-0981 | HIGH | 0.3% | Okta Browser Plugin versions 6.5.0 through 6.31.0 (Chrome/Edge/Firefox/Safari) are vulnerable to cross-site scripting. This issue occurs whe…
CVE-2025-7371 | MEDIUM | 0.3% | Okta On-Premises Provisioning (OPP) agents log certain user data during administrator-initiated password resets. This vulnerability allows a…
CVE-2022-1697 | — | 0.2% | Okta Active Directory Agent versions 3.8.0 through 3.11.0 installed the Okta AD Agent Update Service using an unquoted path. Note: To remedi…
CVE-2024-9875 | HIGH | 0.2% | Okta Privileged Access server agent (SFTD) versions 1.82.0 to 1.84.0 are affected by a privilege escalation vulnerability when the sudo comm…
CVE-2024-9191 | HIGH | 0.2% | The Okta Device Access features, provided by the Okta Verify agent for Windows, provides access to the OktaDeviceAccessPipe, which enables a…
CVE-2025-66033 | MEDIUM | 0.2% | Improper Memory Cleanup in the Okta Java SDK
CVE-2024-7061 | MEDIUM | 0.2% | Okta Verify for Windows is vulnerable to privilege escalation through DLL hijacking. The vulnerability is fixed in Okta Verify for Windows v…
CVE-2023-0392 | LOW | 0.2% | The LDAP Agent Update service with versions prior to 5.18 used an unquoted path, which could allow arbitrary code execution.
CVE-2025-67505 | HIGH | 0.2% | Race condition in the Okta Java SDK