CVE-2021-22157

Proofpoint Insider Threat Management Server formerly ObserveIT Server before 7.11.1 allows stored XSS...

CVE-2021-27900

The provided CVE pertains to Proofpoint Insider Threat Management Server (formerly ObserveIT Server). Inadequate authorization checks exist on multiple pages of the Web Console, enabling a view‑only user to modify any configuration and delete registered agents. Affected products include all versi...

CVE-2021-22157

Proofpoint Insider Threat Management Server formerly ObserveIT Server before 7.11.1 allows stored XSS...

CVE-2020-10656

The Proofpoint Insider Threat Management Server formerly ObserveIT Server before 7.9.1 contains a vulnerability in the ITM application server's WriteWindowMouseWithChunksV2 API. The vulnerability allows an anonymous remote attacker to execute arbitrary code with local administrator privileges. Th...

CVE-2020-10657

The Proofpoint Insider Threat Management Server formerly ObserveIT Server before 7.9.1 contains a vulnerability in the ITM web console's ImportAlertRules feature. The vulnerability allows a remote attacker with admin or config-admin privileges in the console to execute arbitrary code with local...

CVE-2020-10656

The CVE-2020-10656 entry concerns the Proofpoint Insider Threat Management Server (formerly ObserveIT Server) prior to version 7.9.1. A vulnerability exists in the ITM application server’s WriteWindowMouseWithChunksV2 API caused by improper deserialization, enabling an anonymous remote attacker t...

CVE-2020-10655

CVE-2020-10655 affects Proofpoint Insider Threat Management Server (formerly ObserveIT Server) before 7.9.1. The ITM app server's WriteWindowMouse API suffers from improper deserialization, allowing an anonymous remote attacker to execute arbitrary code with local administrator privileges. Root c...