Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Insider Threat Management Server Security Vulnerabilities - 2023

cve
cve

CVE-2023-35998

A missing authorization check in multiple SOAP endpoints of the Insider Threat Management Server enables an attacker on an adjacent network to read and write unauthorized objects. Successful exploitation requires an attacker to first obtain a valid agent authentication token. All versions before 7....

4.6CVSS

4.7AI Score

0.0004EPSS

2023-06-27 03:15 PM
11
cve
cve

CVE-2023-36000

A missing authorization check in the MacOS agent configuration endpoint of the Insider Threat Management Server enables an anonymous attacker on an adjacent network to obtain sensitive information. Successful exploitation requires an attacker to first obtain a valid agent authentication token. All ...

6.5CVSS

6.4AI Score

0.001EPSS

2023-06-27 03:15 PM
8
cve
cve

CVE-2023-36002

A missing authorization check in multiple URL validation endpoints of the Insider Threat Management Server enables an anonymous attacker on an adjacent network to smuggle content via DNS lookups. All versions before 7.14.3 are affected.

4.3CVSS

4.6AI Score

0.0004EPSS

2023-06-27 03:15 PM
13