CVE-2023-2820

An information disclosure vulnerability in the faye endpoint in Proofpoint Threat Response / Threat Response Auto-Pull PTR/TRAP could be used by an attacker on an adjacent network to obtain credentials to integrated services via a man-in-the-middle position or cryptanalysis of the session traffic...

CVE-2023-2820

CVE-2023-2820 affects Proofpoint Threat Response / Threat Response Auto-Pull (PTR/TRAP) via the faye endpoint. The vulnerability may allow an attacker on an adjacent network to obtain credentials to integrated services through MITM or session-traffic cryptanalysis, enabling impersonation of PTR/T...

CVE-2023-2819

A stored cross-site scripting vulnerability in the Sources UI in Proofpoint Threat Response/ Threat Response Auto Pull PTR/TRAP could allow an authenticated administrator on an adjacent network to replace the image file with an arbitrary MIME type. This could result in arbitrary javascript code...

PT-2023-21627 · Proofpoint · Proofpoint Threat Response

Name of the Vulnerable Software and Affected Versions: Proofpoint Threat Response / Threat Response Auto-Pull PTR/TRAP versions prior to 5.10.0 Description: An information disclosure issue in the faye endpoint could allow an attacker on an adjacent network to obtain credentials to integrated...