Okta Verify Security Update Advisory (CVE-2024-10327)

Oct 28 2024

Overview

An update has been released to address vulnerabilities in Okta Verify. Users of the affected versions are advised to update to the latest version.

Affected Products

CVE-2024-10327

Okta Verify version: 9.25.1 (iOS)
Okta Verify version: 9.27.0 (iOS)

Resolved Vulnerabilities

Push notification response vulnerability via ContextExtension feature could allow authentication to succeed regardless of user selection (CVE-2024-10327)

Vulnerability Patches

Vulnerability patches have been made available in the latest update. Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.

CVE-2024-10327

Okta Verify version: 9.27.2

Referenced Sites

[1] CVE-2024-10327 Detail

https://nvd.nist.gov/vuln/detail/CVE-2024-10327

[2] Okta Verify for iOS ContextExtension CVE-2024-10327

https://trust.okta.com/security-advisories/okta-verify-for-ios-cve-2024-10327

Okta Verify Security Update Advisory (CVE-2024-10327)

Nginx UI Security Update Advisory (CVE-2024-49368)

OneDev Security Update Advisory (CVE-2024-45309)

Tags:

Nginx UI Security Update Advisory (CVE-2024-49368)

OneDev Security Update Advisory (CVE-2024-45309)