Okta: Security Vulnerabilities
Okta Advanced Server Access Client for Windows prior to version 1.57.0 was found to be vulnerable to command injection via a specially crafted URL.
CVSS Score
8.8
EPSS Score
0.038
Published
2022-02-21
A command injection vulnerability in the cookieDomain and relayDomain parameters of Okta Access Gateway before 2020.9.3 allows attackers (with admin access to the Okta Access Gateway UI) to execute OS commands as a privileged system account.
CVSS Score
6.7
EPSS Score
0.03
Published
2021-04-02
Page 2