12 matches found
CVE-2021-27900
The provided CVE pertains to Proofpoint Insider Threat Management Server (formerly ObserveIT Server). Inadequate authorization checks exist on multiple pages of the Web Console, enabling a view‑only user to modify any configuration and delete registered agents. Affected products include all versi...
CVE-2022-25294
CVE-2022-25294 affects the Windows agent of Proofpoint Insider Threat Management. The vulnerability arises because the component relies on an inherently dangerous function, enabling an unprivileged local Windows user to execute arbitrary code with SYSTEM privileges. All versions prior to 7.12.1 a...
CVE-2021-27899
CVE-2021-27899 affects Proofpoint Insider Threat Management Agents for macOS and Linux, where improper validation of the ITM Server certificate enables a remote attacker to perform a man‑in‑the‑middle attack and intercept/alter communications. All versions prior to 7.11.1 are affected; agents for...
CVE-2020-8884
The CVE-2020-8884 issue affects the Proofpoint Insider Threat Management Windows Agent (formerly ObserveIT Windows Agent) prior to version 7.9. The root cause is improper deserialization over named pipes in rcdsvc, which enables remote authenticated users to execute arbitrary code with SYSTEM pri...
CVE-2021-22158
The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) Web Console is affected by an XML External Entity (XXE) injection. The vulnerability requires admin privileges and knowledge of the XML file’s encryption key to exploit, with exploitation affecting versions prior to 7.11 ...
CVE-2021-22159
CVE-2021-22159 affects Proofpoint Insider Threat Management (formerly ObserveIT) Agent for Windows; versions before 7.4.3, 7.5.4, 7.6.5, 7.7.5, 7.8.4, 7.9.3, 7.10.2, and 7.11.0.25 (as well as 7.3 and earlier) are missing authentication for a critical function, enabling a local authenticated Windo...
CVE-2021-22157
CVE-2021-22157 affects Proofpoint Insider Threat Management Server (formerly ObserveIT Server) prior to version 7.11.1 and allows stored cross-site scripting (XSS). The connected documents consistently describe the same issue across multiple sources; no detailed exploit vectors or remediation are...
CVE-2023-4828
The CVE-2023-4828 issue affects Proofpoint Insider Threat Management (ITM) Server versions prior to 7.14.3.69. The root cause is an improper check for an exceptional condition, enabling an attacker with valid agent credentials and hostname to reconfigure any registered agent so that future commun...
CVE-2023-4801
The CVE-2023-4801 issue affects the MacOS Insider Threat Management (ITM) Agent. It is an improper certificate validation vulnerability that could allow an anonymous actor on an adjacent network to perform a man-in-the-middle attack between the ITM Agent and the ITM server after registration. All...
CVE-2023-4802
The CVE-2023-4802 issue affects Proofpoint ITM Server (UpdateInstalledSoftware endpoint) prior to version 7.14.3.69. The vulnerability is a reflected cross-site scripting (XSS) that allows an authenticated administrator to execute arbitrary JavaScript in another web console administrator’s browse...
CVE-2023-4803
CVE-2023-4803 is a reflected cross-site scripting vulnerability in the WriteWindowTitle endpoint of Proofpoint ITM Server’s web console. An authenticated administrator can inject and execute arbitrary JavaScript in another web console administrator’s browser. Affected are all ITM Server versions ...
CVE-2023-2818
CVE-2023-2818 affects the Insider Threat Management Agent for Windows prior to version 7.14.3. The root cause is insecure filesystem permissions that let local unprivileged users disrupt agent monitoring. Affected: Windows only; MacOS/Linux/Cloud agents are unaffected. Impact is availability disr...