4 matches found
CVE-2022-24295
Okta Advanced Server Access Client for Windows prior to version 1.57.0 was found to be vulnerable to command injection via a specially crafted URL...
Okta Advanced Server Access Client < 1.57.0 Command Injection
The versions of Okta Advanced Server Access Client installed on the remote host is affected by a command injection vulnerability via a specially crafted URL. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number. %NASLMINLEV...
CVE-2022-24295
Okta Advanced Server Access Client for Windows prior to version 1.57.0 was found to be vulnerable to command injection via a specially crafted URL...
CVE-2022-24295
CVE-2022-24295 affects Okta Advanced Server Access Client for Windows prior to version 1.57.0. A command-injection vulnerability exists via a specially crafted URL. The root cause cited in multiple sources is lack of filtering/escaping of URL parameters, enabling remote command execution. CVSSv3....