Okta
- $100 – $75,000 per vulnerability
Adding Advanced Server Access to the Scope!
Hello Researchers!
We are pleased to announce that the Okta Program is introducing a new product to the scope! Please check out the program brief for more information.
Scope
- ASA web application http://app.scaleft.com/
- ASA client executables
Out of Scope
- ALL other domains
- https://scaleft.com
- Signup page https://app.scaleft.com/p/signup
Focus Areas
ASA Client / Agents
Documentations
Documentations:
- https://help.okta.com/asa/en-us/Content/Topics/Adv_Server_Access/docs/asa-overview.htm
ASA CVEs
- https://trust.okta.com/security-advisories/okta-advanced-server-access-client-cve-2022-1030/
- https://trust.okta.com/security-advisories/okta-advanced-server-access-client-cve-2022-24295/
- https://trust.okta.com/security-advisories/okta-advanced-server-access-client-cve-2023-0093/
Access
Please sign up for an account using your @bugcrowdninja.com email address here. ALL organization/team names must follow the naming convention bugcrowd-<username>
when creating your org.
For more info regarding @bugcrowdninja email addresses, see here.