Lucene search
+L

CVE-2022-46334

🗓️ 21 Dec 2022 20:05:38Reported by ProofpointType 
cve
 cve
🔗 web.nvd.nist.gov👁 70 Views🌐 WEB

Proofpoint Enterprise Protection (PPS/PoD vulnerability allowing pps user to escalate to root privileges

Related
Detection
Affected
Refs
Paths
NVD
[
  {
    "defaultStatus": "unaffected",
    "product": "enterprise_protection",
    "vendor": "Proofpoint",
    "versions": [
      {
        "changes": [
          {
            "at": "8.19.0 patch 4550",
            "status": "unaffected"
          },
          {
            "at": "8.18.6 patch 4549",
            "status": "unaffected"
          },
          {
            "at": "8.13.22 patch 4548",
            "status": "unaffected"
          }
        ],
        "lessThanOrEqual": "8.19.0",
        "status": "affected",
        "version": "8.*",
        "versionType": "semver"
      }
    ]
  }
]
ParameterPositionPathDescriptionCWE
euwebcustomloginurlrequest bodyeuweb/loginEndpoint used to inject custom login/logout URLs and pps tokens to gain higher privileges and execute payloads.CWE-269
euwebcustomlogouturlrequest bodyeuweb/loginEndpoint used to inject custom login/logout URLs and pps tokens to gain higher privileges and execute payloads.CWE-269
pps_magicrequest bodyeuweb/loginEndpoint used to inject custom login/logout URLs and pps tokens to gain higher privileges and execute payloads.CWE-269
pps_tokenrequest bodyeuweb/loginEndpoint used to inject custom login/logout URLs and pps tokens to gain higher privileges and execute payloads.CWE-269
modulerequest bodyeuweb/loginEndpoint used to inject custom login/logout URLs and pps tokens to gain higher privileges and execute payloads.CWE-269
cmdrequest bodyeuweb/loginEndpoint used to inject custom login/logout URLs and pps tokens to gain higher privileges and execute payloads.CWE-269
chapterrequest bodyeuweb/loginEndpoint used to inject custom login/logout URLs and pps tokens to gain higher privileges and execute payloads.CWE-269
subchapterrequest bodyeuweb/loginEndpoint used to inject custom login/logout URLs and pps tokens to gain higher privileges and execute payloads.CWE-269
authtokenenablerequest bodyeuweb/loginEndpoint used to inject custom login/logout URLs and pps tokens to gain higher privileges and execute payloads.CWE-269
enablesecurityaccesstokenrequest bodyeuweb/loginEndpoint used to inject custom login/logout URLs and pps tokens to gain higher privileges and execute payloads.CWE-269
Rows per page

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

17 Jun 2026 05:11Current
7.7High risk
Vulners AI Score7.7
CVSS 3.17.8
EPSS0.00165
SSVC
70