3.9 Low
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L
4.5 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
34.6%
Okta Active Directory Agent versions 3.8.0 through 3.11.0 installed the Okta AD Agent Update Service using an unquoted path. Note: To remediate this vulnerability, you must uninstall Okta Active Directory Agent and reinstall Okta Active Directory Agent 3.12.0 or greater per the documentation.
[
{
"product": "Okta Active Directory Agent",
"vendor": "Okta",
"versions": [
{
"status": "affected",
"version": "3.8.0, 3.9.0, 3.10.0, 3.11.0"
}
]
}
]
More
3.9 Low
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L
4.5 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
34.6%