Authorization

2021-04-0622:15:00

PRIOn knowledge base

www.prio-n.com

7.9 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

35.2%

JSON

The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) is missing an authorization check on several pages in the Web Console. This enables a view-only user to change any configuration setting and delete any registered agents. All versions before 7.11.1 are affected.

CPENameOperatorVersion
insider_threat_managementge7.9.0
insider_threat_managementlt7.9.3
insider_threat_managementge7.10.0
insider_threat_managementlt7.10.3
insider_threat_managementge7.11.0
insider_threat_managementlt7.11.1

Name	Operator	Version
insider_threat_management	ge	7.9.0
insider_threat_management	lt	7.9.3
insider_threat_management	ge	7.10.0
insider_threat_management	lt	7.10.3
insider_threat_management	ge	7.11.0
insider_threat_management	lt	7.11.1

References

www.proofpoint.com/us/security/security-advisories/pfpt-sa-2021-0005