The LDAP Agent Update service with versions prior to 5.18 used an unquoted path, which could allow arbitrary code execution.
References
Link | Resource |
---|---|
https://trust.okta.com/security-advisories/okta-ldap-agent-cve-2023-0392 | Vendor Advisory |
https://trust.okta.com/security-advisories/okta-ldap-agent-cve-2023-0392 | Vendor Advisory |
Configurations
History
21 Nov 2024, 07:37
Type | Values Removed | Values Added |
---|---|---|
References | () https://trust.okta.com/security-advisories/okta-ldap-agent-cve-2023-0392 - Vendor Advisory |
04 Sep 2024, 16:35
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-11-08 21:15
Updated : 2024-11-21 07:37
NVD link : CVE-2023-0392
Mitre link : CVE-2023-0392
CVE.ORG link : CVE-2023-0392
JSON object : View
Products Affected
okta
- ldap_agent
CWE
CWE-428
Unquoted Search Path or Element