Okta

Cloud Identity and Mobility Management Service

  • $100 – $75,000 per vulnerability
  • Safe harbor
Submit report

Adding Advanced Server Access to the Scope!

Hello Researchers!

We are pleased to announce that the Okta Program is introducing a new product to the scope! Please check out the program brief for more information.

Scope

  • ASA web application http://app.scaleft.com/
  • ASA client executables

Out of Scope

  • ALL other domains
  • https://scaleft.com
  • Signup page https://app.scaleft.com/p/signup

Focus Areas
ASA Client / Agents

Documentations
Documentations:

  • https://help.okta.com/asa/en-us/Content/Topics/Adv_Server_Access/docs/asa-overview.htm

ASA CVEs

  • https://trust.okta.com/security-advisories/okta-advanced-server-access-client-cve-2022-1030/
  • https://trust.okta.com/security-advisories/okta-advanced-server-access-client-cve-2022-24295/
  • https://trust.okta.com/security-advisories/okta-advanced-server-access-client-cve-2023-0093/

Access
Please sign up for an account using your @bugcrowdninja.com email address here. ALL organization/team names must follow the naming convention bugcrowd-<username> when creating your org.

For more info regarding @bugcrowdninja email addresses, see here.

yuzu
yuzu