What is the Okta CNA?
Okta is a CVE Numbering Authority (CNA) — an organization authorized to assign CVE IDs to vulnerabilities in its scope. It has published 13 CVE records since 2022.
How many CVEs has Okta published?
Okta has published 13 CVE records, including 7 in the last two years.
What is Okta's CVE data quality grade?
RadicalNotion.AI grades Okta's CVE data quality as B, with an overall completeness score of 80.8%. This reflects how consistently its CVE records include vendor (100%), product (100%), CVSS (46.2%), and CWE (76.9%) information.
What products does Okta publish CVEs for?
Okta most frequently publishes CVEs for verify, Okta Verify for Windows, Advanced Server Access, Advanced Server Access Client, ldap_agent.
Which vendors does Okta cover?
Okta publishes CVEs across 1 distinct vendors, most often Okta, apple, linux.
Is Okta actively publishing CVEs?
Okta is currently active, based on 7 CVEs in the last two years.
What is the average severity of Okta's CVEs?
The average CVSS base score across Okta's scored CVEs is 7.0.
Are any of Okta's CVEs in CISA's Known Exploited Vulnerabilities catalog?
No. None of Okta's CVEs are currently listed in CISA's Known Exploited Vulnerabilities (KEV) catalog.
What are the most common weakness types in Okta's CVEs?
Okta's CVEs most often map to these CWE weakness types: CWE-20 (Improper Input Validation), CWE-22 (Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')), CWE-276 (Incorrect Default Permissions), CWE-287 (Improper Authentication).
How does Okta rank among CNAs?
By total CVE volume, Okta ranks #278 of 370 CNAs, and it reports more complete CVE records than 29% of all CNAs.
