Home OktaCVE-2022-3145

CVE-2022-3145

MEDIUM

4.7CVSS

Published: 2023-01-12

Updated: 2025-04-08

AI Analysis

Description

An open redirect vulnerability exists in Okta OIDC Middleware prior to version 5.0.0 allowing an attacker to redirect a user to an arbitrary URL.

CVSS Metrics

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
Attack Vector: network
Complexity: low
Privileges: none
User Action: required
Scope: changed
Confidentiality: none
Integrity: low
Availability: none
Weaknesses: CWE-601CWE-601

Metadata

Primary Vendor: OKTA
Published: 1/12/2023
Last Modified: 4/8/2025
Source: NIST NVD
Note: Verify all details with official vendor sources before applying patches.

Affected Products

okta : oidc_middleware

AI-Powered Remediation

Generate remediation guidance or a C-suite brief for this vulnerability.

Executive Intelligence Brief

View on NIST NVD