2022-05-12 15:01:36 +00:00
{
"data_type" : "CVE" ,
"data_format" : "MITRE" ,
"data_version" : "4.0" ,
"CVE_data_meta" : {
"ID" : "CVE-2022-1697" ,
2022-09-06 18:00:33 +00:00
"ASSIGNER" : "psirt@okta.com" ,
"STATE" : "PUBLIC"
} ,
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "Okta" ,
"product" : {
"product_data" : [
{
"product_name" : "Okta Active Directory Agent" ,
"version" : {
"version_data" : [
{
"version_value" : "3.8.0, 3.9.0, 3.10.0, 3.11.0"
}
]
}
}
]
}
}
]
}
} ,
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng" ,
"value" : "Unquoted Search Path or Element"
}
]
}
]
} ,
"references" : {
"reference_data" : [
{
"url" : "https://trust.okta.com/security-advisories/okta-active-directory-agent-cve-2022-1697" ,
"refsource" : "MISC" ,
"name" : "https://trust.okta.com/security-advisories/okta-active-directory-agent-cve-2022-1697"
} ,
{
"url" : "https://help.okta.com/en-us/Content/Topics/Directory/ad-agent-update.htm" ,
"refsource" : "MISC" ,
"name" : "https://help.okta.com/en-us/Content/Topics/Directory/ad-agent-update.htm"
} ,
{
"url" : "https://support.okta.com/help/s/article/Security-Notice-CVE-2022-1697-FAQ" ,
"refsource" : "MISC" ,
"name" : "https://support.okta.com/help/s/article/Security-Notice-CVE-2022-1697-FAQ"
}
]
2022-05-12 15:01:36 +00:00
} ,
"description" : {
"description_data" : [
{
"lang" : "eng" ,
2022-09-13 16:00:35 +00:00
"value" : "Okta Active Directory Agent versions 3.8.0 through 3.11.0 installed the Okta AD Agent Update Service using an unquoted path. Note: To remediate this vulnerability, you must uninstall Okta Active Directory Agent and reinstall Okta Active Directory Agent 3.12.0 or greater per the documentation."
2022-05-12 15:01:36 +00:00
}
]
}
}
