Okta Verify for iOS ContextExtension CVE-2024-10327 - Oct 24, 2024
Description A vulnerability in Okta Verify for iOS versions 9.25.1 (beta) and 9.27.0 (including beta) allows push notification responses through the iOS ContextExtension feature allowing the …
Okta Verify for Windows Auto-update Arbitrary Code Execution …
Description The Auto-update service for Okta Verify for Windows is vulnerable to two flaws which in combination could be used to execute arbitrary code. Affected product and versions …
Okta Verify Desktop MFA for Windows Passwordless Login CVE …
Description The Okta Device Access features, provided by the Okta Verify agent for Windows, provides access to the OktaDeviceAccessPipe, which enables attackers in a compromised …
Okta Verify for Windows Privilege Escalation CVE-2024-7061 - Aug …
Description Okta Verify for Windows is vulnerable to privilege escalation through DLL hijacking. Affected product and versions Customers using Okta Verify for Windows before version 5.0.2. …
Okta Browser Plugin Reflected Cross-Site Scripting CVE-2024-0981 …
Description Okta Browser Plugin versions 6.5.0 through 6.31.0 (Chrome/Edge/Firefox/Safari) are vulnerable to cross-site scripting. This issue occurs when the plugin ...
Okta Advanced Server Access Client CVE-2023-0093 - Feb 22, 2023
Description Okta Advanced Server Access Client versions 1.13.1 through 1.68.1 are vulnerable to command injection due to the third-party library webbrowser. Affected product and versions …
Okta Advanced Server Access Client CVE-2022-24295 - Feb 17, 2022
Description Okta Advanced Server Access Client for Windows prior to version 1.57.0 was found to be vulnerable to command injection via a specially crafted URL. Affected product and versions …