Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A command injection vulnerability in the cookieDomain and relayDomain parameters of Okta Access Gateway before 2020.9.3 allows attackers (with admin access to the Okta Access Gateway UI) to execute OS commands as a privileged system account.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L
Vulnerability Type
N/A
Vulnerability Title
Okta Access Gateway 操作系统命令注入漏洞
Vulnerability Description
Okta Access Gateway是英国Okta公司的一个应用网关。通过有效保护在保护您的云应用程序,基础架构和API的同一平台上对本地应用程序的访问来解决此问题。 Okta Access Gateway before 2020.9.3 存在安全漏洞,攻击者可利用该漏洞以拥有特权的系统帐户执行操作系统命令。
CVSS Information
N/A
Vulnerability Type
N/A