VYPR

Advanced Server Access Client

by Okta

CVEs (3)

  • CVE-2022-24295HigFeb 21, 2022
    risk 0.59cvss 8.8epss 0.18

    Okta Advanced Server Access Client for Windows prior to version 1.57.0 was found to be vulnerable to command injection via a specially crafted URL.

  • CVE-2023-0093HigMar 6, 2023
    risk 0.57cvss 8.8epss 0.01

    Okta Advanced Server Access Client versions 1.13.1 through 1.65.0 are vulnerable to command injection due to the third party library webbrowser. An outdated library, webbrowser, used by the ASA client was found to be vulnerable to command injection. To exploit this issue, an…

  • CVE-2022-1030HigMar 23, 2022
    risk 0.57cvss 8.8epss 0.01

    Okta Advanced Server Access Client for Linux and macOS prior to version 1.58.0 was found to be vulnerable to command injection via a specially crafted URL. An attacker, who has knowledge of a valid team name for the victim and also knows a valid target host where the user has…