Lucene search
K
ProofpointInsider Threat Management

12 matches found

CVE
CVE
added 2021/04/06 9:0 p.m.78 views

CVE-2021-27900

The provided CVE pertains to Proofpoint Insider Threat Management Server (formerly ObserveIT Server). Inadequate authorization checks exist on multiple pages of the Web Console, enabling a view‑only user to modify any configuration and delete registered agents. Affected products include all versi...

8.1CVSS7.9AI score0.02452EPSS
CVE
CVE
added 2022/03/07 5:54 p.m.71 views

CVE-2022-25294

CVE-2022-25294 affects the Windows agent of Proofpoint Insider Threat Management. The vulnerability arises because the component relies on an inherently dangerous function, enabling an unprivileged local Windows user to execute arbitrary code with SYSTEM privileges. All versions prior to 7.12.1 a...

7.8CVSS7.7AI score0.00267EPSS
CVE
CVE
added 2021/04/06 8:48 p.m.59 views

CVE-2021-27899

CVE-2021-27899 affects Proofpoint Insider Threat Management Agents for macOS and Linux, where improper validation of the ITM Server certificate enables a remote attacker to perform a man‑in‑the‑middle attack and intercept/alter communications. All versions prior to 7.11.1 are affected; agents for...

7.4CVSS7.3AI score0.00641EPSS
CVE
CVE
added 2021/01/06 1:42 p.m.54 views

CVE-2020-8884

The CVE-2020-8884 issue affects the Proofpoint Insider Threat Management Windows Agent (formerly ObserveIT Windows Agent) prior to version 7.9. The root cause is improper deserialization over named pipes in rcdsvc, which enables remote authenticated users to execute arbitrary code with SYSTEM pri...

9CVSS8.7AI score0.04086EPSS
CVE
CVE
added 2021/04/06 8:52 p.m.53 views

CVE-2021-22158

The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) Web Console is affected by an XML External Entity (XXE) injection. The vulnerability requires admin privileges and knowledge of the XML file’s encryption key to exploit, with exploitation affecting versions prior to 7.11 ...

7.2CVSS7AI score0.00621EPSS
CVE
CVE
added 2021/01/26 7:44 p.m.53 views

CVE-2021-22159

CVE-2021-22159 affects Proofpoint Insider Threat Management (formerly ObserveIT) Agent for Windows; versions before 7.4.3, 7.5.4, 7.6.5, 7.7.5, 7.8.4, 7.9.3, 7.10.2, and 7.11.0.25 (as well as 7.3 and earlier) are missing authentication for a critical function, enabling a local authenticated Windo...

7.8CVSS7.7AI score0.00331EPSS
CVE
CVE
added 2021/04/06 8:38 p.m.52 views

CVE-2021-22157

CVE-2021-22157 affects Proofpoint Insider Threat Management Server (formerly ObserveIT Server) prior to version 7.11.1 and allows stored cross-site scripting (XSS). The connected documents consistently describe the same issue across multiple sources; no detailed exploit vectors or remediation are...

6.1CVSS6.2AI score0.01946EPSS
CVE
CVE
added 2023/09/13 3:16 p.m.49 views

CVE-2023-4828

The CVE-2023-4828 issue affects Proofpoint Insider Threat Management (ITM) Server versions prior to 7.14.3.69. The root cause is an improper check for an exceptional condition, enabling an attacker with valid agent credentials and hostname to reconfigure any registered agent so that future commun...

6.4CVSS4.7AI score0.00298EPSS
CVE
CVE
added 2023/09/13 3:14 p.m.45 views

CVE-2023-4801

The CVE-2023-4801 issue affects the MacOS Insider Threat Management (ITM) Agent. It is an improper certificate validation vulnerability that could allow an anonymous actor on an adjacent network to perform a man-in-the-middle attack between the ITM Agent and the ITM server after registration. All...

7.5CVSS7.4AI score0.00223EPSS
CVE
CVE
added 2023/09/13 3:15 p.m.42 views

CVE-2023-4802

The CVE-2023-4802 issue affects Proofpoint ITM Server (UpdateInstalledSoftware endpoint) prior to version 7.14.3.69. The vulnerability is a reflected cross-site scripting (XSS) that allows an authenticated administrator to execute arbitrary JavaScript in another web console administrator’s browse...

4.8CVSS4.8AI score0.003EPSS
CVE
CVE
added 2023/09/13 3:15 p.m.42 views

CVE-2023-4803

CVE-2023-4803 is a reflected cross-site scripting vulnerability in the WriteWindowTitle endpoint of Proofpoint ITM Server’s web console. An authenticated administrator can inject and execute arbitrary JavaScript in another web console administrator’s browser. Affected are all ITM Server versions ...

4.8CVSS4.8AI score0.003EPSS
CVE
CVE
added 2023/06/27 2:29 p.m.34 views

CVE-2023-2818

CVE-2023-2818 affects the Insider Threat Management Agent for Windows prior to version 7.14.3. The root cause is insecure filesystem permissions that let local unprivileged users disrupt agent monitoring. Affected: Windows only; MacOS/Linux/Cloud agents are unaffected. Impact is availability disr...

5.5CVSS5.3AI score0.00154EPSS