7 matches found
CVE-2022-25294
CVE-2022-25294 affects the Windows agent of Proofpoint Insider Threat Management. The vulnerability arises because the component relies on an inherently dangerous function, enabling an unprivileged local Windows user to execute arbitrary code with SYSTEM privileges. All versions prior to 7.12.1 a...
CVE-2021-22159
CVE-2021-22159 affects Proofpoint Insider Threat Management (formerly ObserveIT) Agent for Windows; versions before 7.4.3, 7.5.4, 7.6.5, 7.7.5, 7.8.4, 7.9.3, 7.10.2, and 7.11.0.25 (as well as 7.3 and earlier) are missing authentication for a critical function, enabling a local authenticated Windo...
CVE-2023-4828
The CVE-2023-4828 issue affects Proofpoint Insider Threat Management (ITM) Server versions prior to 7.14.3.69. The root cause is an improper check for an exceptional condition, enabling an attacker with valid agent credentials and hostname to reconfigure any registered agent so that future commun...
CVE-2023-4802
The CVE-2023-4802 issue affects Proofpoint ITM Server (UpdateInstalledSoftware endpoint) prior to version 7.14.3.69. The vulnerability is a reflected cross-site scripting (XSS) that allows an authenticated administrator to execute arbitrary JavaScript in another web console administrator’s browse...
CVE-2023-4801
The CVE-2023-4801 issue affects the MacOS Insider Threat Management (ITM) Agent. It is an improper certificate validation vulnerability that could allow an anonymous actor on an adjacent network to perform a man-in-the-middle attack between the ITM Agent and the ITM server after registration. All...
CVE-2023-4803
CVE-2023-4803 is a reflected cross-site scripting vulnerability in the WriteWindowTitle endpoint of Proofpoint ITM Server’s web console. An authenticated administrator can inject and execute arbitrary JavaScript in another web console administrator’s browser. Affected are all ITM Server versions ...
CVE-2023-2818
CVE-2023-2818 affects the Insider Threat Management Agent for Windows prior to version 7.14.3. The root cause is insecure filesystem permissions that let local unprivileged users disrupt agent monitoring. Affected: Windows only; MacOS/Linux/Cloud agents are unaffected. Impact is availability disr...