CVE-2024-9875 — HIGH (7.1) — White Hats Nepal

Vulnerability Description

Okta Privileged Access server agent (SFTD) versions 1.82.0 to 1.84.0 are affected by a privilege escalation vulnerability when the sudo command bundles feature is enabled. To remediate this vulnerability, upgrade the Okta Privileged Access server agent (SFTD) to version 1.87.1 or greater.

CVSS Score

7.1

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

NONE

Related Weaknesses (CWE)

CWE-20

References

https://help.okta.com/asa/en-us/content/topics/releasenotes/advanced-server-acce

FAQ

What is CVE-2024-9875?

CVE-2024-9875 is a vulnerability with a CVSS score of 7.1 (HIGH). Okta Privileged Access server agent (SFTD) versions 1.82.0 to 1.84.0 are affected by a privilege escalation vulnerability when the sudo command bundles feature is enabled. To remediate this vulnerabil...

How severe is CVE-2024-9875?

CVE-2024-9875 has been rated HIGH with a CVSS base score of 7.1/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2024-9875?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.