Okta On-Premises Provisioning Agent Password Reset Information Disclosure Vulnerability

Vulnerability

A vulnerability exists in Okta On-Premises Provisioning (OPP) agents, specifically in versions 2.2.1 prior to 2.3.0. During administrator-initiated password resets, these agents log certain user data. This logging can be exploited by an attacker with access to the local server running the OPP agent to retrieve personal information and temporary passwords created during the password reset process.

Impact

Exploitation of this vulnerability could lead to unauthorized access to user personal information and temporary passwords, which could be misused to gain further access to user accounts or sensitive data.

Remediation

Users can upgrade to Okta On-Premises Provisioning Agent version 2.3.1 or later, which includes security enhancements. Instructions for downloading the latest version are available on the Okta website.
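Log files written by an affected agent version may still hold reset data after the upgrade. The following is an added example, not code from Okta or from this advisory, of one way to audit retained log text for unmasked password fields without echoing the values. The advisory does not publish the agent's log format, so the key names, the masking conventions and the sample lines are assumptions constructed for illustration.

```python
import re

# Assumption: secrets appear as key=value or "key": "value" pairs whose key
# contains "password", "passwd" or "credential". Adjust to the real log format.
PAIR = re.compile(
    r"""(?P<key>["']?[\w.-]*(?:password|passwd|credential)[\w.-]*["']?)"""
    r"""\s*[:=]\s*"""
    r"""(?P<val>"[^"]*"|'[^']*'|[^\s,;}\]]+)""",
    re.IGNORECASE,
)
# Values that are already masked or empty are not reported.
MASKED = re.compile(r"[*#]{3,}|\[?redacted\]?|null|none", re.IGNORECASE)

def is_masked(val):
    v = val.strip("\"'")
    return v == "" or MASKED.fullmatch(v) is not None

def redact(line):
    """Replace every unmasked sensitive value in a line with [REDACTED]."""
    def _sub(m):
        if is_masked(m.group("val")):
            return m.group(0)
        return m.group(0)[: m.start("val") - m.start()] + "[REDACTED]"
    return PAIR.sub(_sub, line)

def audit(text):
    """Return (line_number, key_names, redacted_line) for each exposing line."""
    findings = []
    for n, line in enumerate(text.splitlines(), 1):
        keys = [m.group("key").strip("\"'") for m in PAIR.finditer(line)
                if not is_masked(m.group("val"))]
        if keys:
            findings.append((n, keys, redact(line)))
    return findings

# Constructed sample lines; not real agent output.
SAMPLE_LOG = "\n".join([
    "2025-07-01 10:02:11 INFO  Agent heartbeat ok",
    '2025-07-01 10:02:15 DEBUG resetPassword request: {"userName": "jdoe", '
    '"email": "jdoe@example.com", "password": "Tmp-4821-xyz"}',
    "2025-07-01 10:02:16 INFO  resetPassword completed for jdoe",
    "2025-07-01 10:03:40 DEBUG updateUser payload: userName=asmith "
    "tempPassword=Q7!example password=****",
])

if __name__ == "__main__":
    for n, keys, safe in audit(SAMPLE_LOG):
        print(f"line {n}: unmasked {', '.join(keys)} -> {safe}")
```

Lines it reports identify which temporary passwords should be treated as exposed and which log files need restricted access or removal.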

Added: Jul 22, 2025, 4:19 PM
Updated: Jul 22, 2025, 4:19 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 2.5
exploitability: 3.3
remediation: 7.7
relevance: 0.3
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.