



















Okta Verify for Windows is vulnerable to privilege escalation through DLL hijacking.
Customers using Okta Verify for Windows before version 5.0.2.
Note: Customers using Okta Verify on platforms other than Windows are not affected.
The vulnerability is fixed in Okta Verify for Windows version 5.0.2. To remediate this vulnerability, upgrade to 5.0.2 or greater.
CVE ID | |
Published Date | 2024-08-07 |
Vulnerability Type | Improper Limitation of a Pathname to a Restricted Directory, Uncontrolled Search Path or Element |
CWE | CWE-22, CWE-427 |
CVSS v3 | Score: 5.5 Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N |
Okta would like to thank Ryan Wincey of Securifera, Inc. for discovering this vulnerability.
此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。