Local Server Vulnerability in Okta On-Premises Provisioning Agents
CVE-2025-7371

6.8 MEDIUM

Key Information:

Vendor: Okta
CVE Published: 22 July 2025

What is CVE-2025-7371?

The On-Premises Provisioning (OPP) agents from Okta log sensitive user data during administrator-initiated password resets. An attacker with local access to a server running an affected version of the OPP agent (2.2.1 to 2.3.0) can exploit this flaw to obtain personal information and the temporary passwords generated during these resets. This puts user privacy and data security at risk, especially where access to the affected servers is not properly secured.

Affected Version(s)

Okta On-Premises Provisioning Agent 2.2.1 < 2.3.1

CVSS V3.1

Score: 6.8
Severity: MEDIUM
Confidentiality: High
Integrity: None
Availability: High
Attack Vector: Network
Attack Complexity: Low
Privileges Required: High
User Interaction: None
Scope: Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved
