Design/Logic Flaw

2020-01-1321:15:00

PRIOn knowledge base

www.prio-n.com

8.6 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

60.1%

JSON

A file-extension filtering vulnerability in Proofpoint Enterprise Protection (PPS / PoD), in the unpatched versions of PPS through 8.9.22 and 8.14.2 respectively, allows attackers to bypass protection mechanisms (related to extensions, MIME types, virus detection, and journal entries for transmitted files) by sending malformed (not RFC compliant) multipart email.

CPENameOperatorVersion
enterprise_protectionle8.14.2
enterprise_protectionle8.9.22

CPE	Name	Operator	Version
	enterprise_protection	le	8.14.2
	enterprise_protection	le	8.9.22

References

www.proofpoint.com/us/security/cve-2019-19680

www.proofpoint.com/us/security/security-advisories/pfpt-sa-2020-0001