10 matches found
CVE-2020-10655
CVE-2020-10655 affects Proofpoint Insider Threat Management Server (formerly ObserveIT Server) before 7.9.1. The ITM app server's WriteWindowMouse API suffers from improper deserialization, allowing an anonymous remote attacker to execute arbitrary code with local administrator privileges. Root c...
CVE-2021-40842
Summary: Proofpoint Insider Threat Management Server contains a SQL injection vulnerability in the Web Console due to improper input validation on the database name parameter required by unauthenticated APIs. A malicious URL reachable over the network could cause the backend database to execute a...
CVE-2021-40843
Proofpoint Insider Threat Management Server: Web Console unsafe deserialization vulnerability. An attacker with write access to the local database can cause arbitrary code execution with SYSTEM privileges on the server when a Web Console user retrieves data. When combined with a SQL injection fla...
CVE-2020-10658
The CVE-2020-10658 issue affects Proofpoint Insider Threat Management Server (formerly ObserveIT Server) prior to 7.9.1. The WriteImage API vulnerability arises from improper deserialization, allowing an unauthenticated remote attacker to execute arbitrary code with local administrator privileges...
CVE-2020-10657
Summary (CVE-2020-10657): Proofpoint Insider Threat Management Server (formerly ObserveIT Server) prior to version 7.9.1 contains a vulnerability in the ITM web console’s ImportAlertRules feature. The issue is caused by improper deserialization, allowing an authenticated remote attacker with admi...
CVE-2020-10656
The CVE-2020-10656 entry concerns the Proofpoint Insider Threat Management Server (formerly ObserveIT Server) prior to version 7.9.1. A vulnerability exists in the ITM application server’s WriteWindowMouseWithChunksV2 API caused by improper deserialization, enabling an anonymous remote attacker t...
CVE-2023-36000
The CVE-2023-36000 entry concerns the Insider Threat Management Server (Proofpoint) where a missing authorization check in the MacOS agent configuration endpoint allows an adjacent-network attacker to obtain sensitive information after obtaining a valid agent authentication token. Affected versio...
CVE-2023-35998
CVE-2023-35998 concerns Proofpoint’s Insider Threat Management Server. The vulnerability is a missing authorization check in multiple SOAP endpoints, enabling an attacker on an adjacent network to read and write unauthorized objects after obtaining a valid agent authentication token. Affected all...
CVE-2023-36002
CVE-2023-36002 affects Proofpoint Insider Threat Management Server prior to 7.14.3. A missing authorization check in multiple URL validation endpoints allows an anonymous attacker on an adjacent network to smuggle content via DNS lookups. Impact is limited to affected versions; mitigation is to u...
CVE-2025-8558
The CVE-2025-8558 entry concerns Proofpoint’s Insider Threat Management (ITM) Server. Affected software: ITM Server versions prior to 7.17.2. Vulnerable component/condition: an authentication bypass that allows an unauthenticated adversary on an adjacent network to unregister agents when the numb...