366 matches found
CVE-2021-40843
Proofpoint Insider Threat Management Server contains an unsafe deserialization vulnerability in the Web Console. An attacker with write access to the local database could cause arbitrary code to execute with SYSTEM privileges on the underlying server when a Web Console user triggers retrieval of...
CVE-2021-40843
Proofpoint Insider Threat Management Server contains an unsafe deserialization vulnerability in the Web Console. An attacker with write access to the local database could cause arbitrary code to execute with SYSTEM privileges on the underlying server when a Web Console user triggers retrieval of...
CVE-2021-40842
Proofpoint Insider Threat Management Server contains a SQL injection vulnerability in the Web Console. The vulnerability exists due to improper input validation on the database name parameter required in certain unauthenticated APIs. A malicious URL visited by anyone with network access to the...
Sql injection
Proofpoint Insider Threat Management Server contains an unsafe deserialization vulnerability in the Web Console. An attacker with write access to the local database could cause arbitrary code to execute with SYSTEM privileges on the underlying server when a Web Console user triggers retrieval of...
Sql injection
Proofpoint Insider Threat Management Server contains a SQL injection vulnerability in the Web Console. The vulnerability exists due to improper input validation on the database name parameter required in certain unauthenticated APIs. A malicious URL visited by anyone with network access to the...
CVE-2021-40842
Proofpoint Insider Threat Management Server contains a SQL injection vulnerability in the Web Console. The vulnerability exists due to improper input validation on the database name parameter required in certain unauthenticated APIs. A malicious URL visited by anyone with network access to the...
CVE-2021-40842
Summary: Proofpoint Insider Threat Management Server contains a SQL injection vulnerability in the Web Console due to improper input validation on the database name parameter required by unauthenticated APIs. A malicious URL reachable over the network could cause the backend database to execute a...
CVE-2021-40843
Proofpoint Insider Threat Management Server contains an unsafe deserialization vulnerability in the Web Console. An attacker with write access to the local database could cause arbitrary code to execute with SYSTEM privileges on the underlying server when a Web Console user triggers retrieval of...
CVE-2021-40843
Proofpoint Insider Threat Management Server: Web Console unsafe deserialization vulnerability. An attacker with write access to the local database can cause arbitrary code execution with SYSTEM privileges on the server when a Web Console user retrieves data. When combined with a SQL injection fla...
CVE-2021-34814
Proofpoint Spam Engine before 8.12.0-2106240000 has a Security Control Bypass...
CVE-2021-39304
Proofpoint Enterprise Protection before 8.12.0-2108090000 allows security control bypass...
CVE-2021-39304
Proofpoint Enterprise Protection before 8.12.0-2108090000 allows security control bypass...
CVE-2021-34814
Proofpoint Spam Engine before 8.12.0-2106240000 has a Security Control Bypass...
Security feature bypass
Proofpoint Enterprise Protection before 8.12.0-2108090000 allows security control bypass...
Design/Logic Flaw
Proofpoint Spam Engine before 8.12.0-2106240000 has a Security Control Bypass...
CVE-2021-39304
CVE-2021-39304 affects Proofpoint Enterprise Protection prior to version 8.12.0-2108090000, where a security control bypass enables bypassing protection controls. The connected Red Hat and CVE records reiterate the same description: Proofpoint Enterprise Protection before 8.12.0-2108090000 allows...
CVE-2021-39304
Proofpoint Enterprise Protection before 8.12.0-2108090000 allows security control bypass...
CVE-2021-34814
CVE-2021-34814 affects Proofpoint Spam Engine prior to 8.12.0-2106240000. The issue is a Security Control Bypass due to an access control error in the product, with impact described as HIGH availability risk (per CVSS 3.1) and no confidential/integrity impact indicated. Connected sources confirm ...
CVE-2021-34814
Proofpoint Spam Engine before 8.12.0-2106240000 has a Security Control Bypass...
Proofpoint Insider Threat Management Server 代码问题漏洞
Proofpoint Insider Threat Management Server is a server-side application from Proofpoint, Inc. that is used to prevent malicious operations by enterprise insiders. A security vulnerability exists in Proofpoint Insider Threat Management Server that stems from Proofpoint Insider Threat Management...