Okta Advanced Server Access Client for Linux and macOS prior to version 1.58.0 was found to be vulnerable to command injection via a specially crafted URL. An attacker, who has knowledge of a valid team name for the victim and also knows a valid target host where the user has access, can execute commands on the local system.
[
{
"product": "Advanced Server Access Client",
"vendor": "Okta",
"versions": [
{
"status": "affected",
"version": "Prior to version 1.58.0"
}
]
}
]