CVE-2022-46333

🗓️ 06 Dec 2022 19:52:36Reported by ProofpointType

The admin user interface in Proofpoint Enterprise Protection (PPS/PoD) contains a command injection vulnerability that enables an admin to execute commands beyond their allowed scope. This affects all versions 8.19.0 and below

Reporter	Title	Published	Views	Family All 9
Circl	CVE-2022-46333	6 Dec 202222:41	–	circl
CNNVD	Proofpoint Enterprise Protection 代码注入漏洞	6 Dec 202200:00	–	cnnvd
Cvelist	CVE-2022-46333 Proofpoint Enterprise Protection perl eval() arbitrary command execution	6 Dec 202219:52	–	cvelist
EUVD	EUVD-2022-49150	3 Oct 202520:07	–	euvd
NVD	CVE-2022-46333	6 Dec 202220:15	–	nvd
OSV	CVE-2022-46333	6 Dec 202220:15	–	osv
Prion	Command injection	6 Dec 202220:15	–	prion
Positive Technologies	PT-2022-27825 · Proofpoint · Proofpoint Enterprise Protection	6 Dec 202200:00	–	ptsecurity
Vulnrichment	CVE-2022-46333 Proofpoint Enterprise Protection perl eval() arbitrary command execution	6 Dec 202219:52	–	vulnrichment

NVD

Node

proofpoint enterprise_protectionRange≤8.19.0

[
  {
    "defaultStatus": "unaffected",
    "product": "enterprise_protection",
    "vendor": "proofpoint",
    "versions": [
      {
        "changes": [
          {
            "at": "8.19.0 patch 4546",
            "status": "unaffected"
          },
          {
            "at": "8.18.6 patch 4545",
            "status": "unaffected"
          },
          {
            "at": "8.18.4 patch 4544",
            "status": "unaffected"
          },
          {
            "at": "8.13.22 patch 4543",
            "status": "unaffected"
          }
        ],
        "lessThanOrEqual": "8.19.0",
        "status": "affected",
        "version": "8.*",
        "versionType": "semver"
      }
    ]
  }
]

Source	Link
proofpoint	www.proofpoint.com/security/security-advisories/pfpt-sa-2022-0003

21 Nov 2024 07:30Current

7.2High risk

Vulners AI Score7.2

CVSS 3.17.2

EPSS0.01659

SSVC

CWE-94