Lucene search

ProofpointCVELIST:CVE-2023-36000

HistoryJun 27, 2023 - 2:32 p.m.

CVE-2023-36000 ITM Server Missing Authorization for Agent Config

2023-06-2714:32:01

CWE-862

Proofpoint

www.cve.org

itm server

missing authorization

agent config

cve-2023-36000

macos

insider threat management

authentication token

6.5 Medium

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

6.6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

20.9%

JSON

A missing authorization check in the MacOS agent configuration endpoint of the Insider Threat Management Server enables an anonymous attacker on an adjacent network to obtain sensitive information. Successful exploitation requires an attacker to first obtain a valid agent authentication token. All versions before 7.14.3 are affected.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "modules": [
      "Server"
    ],
    "product": "Insider Threat Management",
    "vendor": "Proofpoint",
    "versions": [
      {
        "lessThan": "7.14.3",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      }
    ]
  }
]

References

www.proofpoint.com/us/security/security-advisories/pfpt-sa-2023-005

6.5 Medium

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

6.6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

20.9%

JSON

Related for CVELIST:CVE-2023-36000