CVE-2024-0980

2024-03-2723:16:37

Okta

www.cve.org

okta verify

windows

auto-update

vulnerability

arbitrary code

7.5 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

10.7%

JSON

The Auto-update service for Okta Verify for Windows is vulnerable to two flaws which in combination could be used to execute arbitrary code.

CNA Affected

[
  {
    "vendor": "Okta",
    "product": "Okta Verify for Windows",
    "versions": [
      {
        "version": "0",
        "status": "affected",
        "lessThan": "4.10.7",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unaffected"
  }
]