Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com
☎ 03 60 47 09 81 - info@securiteinfo.com
Okta Advanced Server Access Client for Linux and macOS prior to version 1.58.0 was found to be vulnerable to command injection via a specially crafted URL. An attacker, who has knowledge of a valid team name for the victim and also knows a valid target host where the user has access, can execute commands on the local system.
- https://trust.okta.com/security-advisories/okta-advanced-server-access-client-cve-2022-1030
- https://github.com/ARPSyndicate/cvemon
- https://github.com/mrdominguez/parallel-ssh-scp