CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2024-3676
https://notcve.org/view.php?id=CVE-2024-3676
The Proofpoint Encryption endpoint of Proofpoint Enterprise Protection contains an Improper Input Validation vulnerability that allows an unauthenticated remote attacker with a specially crafted HTTP request to create additional Encryption user accounts under the attacker's control. These accounts are able to send spoofed email to any users within the domains configured by the Administrator. El endpoint de Proofpoint Encryption de Proofpoint Enterprise Protection contiene una vulnerabilidad de validación de entrada incorrecta que permite a un atacante remoto no autenticado con una solicitud HTTP especialmente manipulada crear cuentas de usuario de cifrado adicionales bajo el control del atacante. Estas cuentas pueden enviar correos electrónicos falsificados a cualquier usuario dentro de los dominios configurados por el administrador. • https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2024-0002 • CWE-20: Improper Input Validation •
CVSS: 5.0EPSS: 0%CPEs: 5EXPL: 0CVE-2024-0862
https://notcve.org/view.php?id=CVE-2024-0862
The Proofpoint Encryption endpoint of Proofpoint Enterprise Protection contains a Server-Side Request Forgery vulnerability that allows an authenticated user to relay HTTP requests from the Protection server to otherwise private network addresses. El endpoint de Proofpoint Encryption de Proofpoint Enterprise Protection contiene una vulnerabilidad de Server Side Request Forgery que permite a un usuario autenticado transmitir solicitudes HTTP desde el servidor de Protection a direcciones de red que de otro modo serían privadas. • https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2024-0001 • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 5.4EPSS: 0%CPEs: 3EXPL: 0CVE-2023-5770 – HTML injection in email body through email subject
https://notcve.org/view.php?id=CVE-2023-5770
Proofpoint Enterprise Protection contains a vulnerability in the email delivery agent that allows an unauthenticated attacker to inject improperly encoded HTML into the email body of a message through the email subject. The vulnerability is caused by inappropriate encoding when rewriting the email before delivery.This issue affects Proofpoint Enterprise Protection: from 8.20.2 before patch 4809, from 8.20.0 before patch 4805, from 8.18.6 before patch 4804 and all other prior versions. Proofpoint Enterprise Protection contiene una vulnerabilidad en el agente de entrega de correo electrónico que permite a un atacante no autenticado inyectar HTML codificado incorrectamente en el cuerpo de un mensaje de correo electrónico a través del asunto del correo electrónico. La vulnerabilidad se debe a una codificación inadecuada al reescribir el correo electrónico antes de la entrega. Este problema afecta a Proofpoint Enterprise Protection: desde 8.20.2 antes del parche 4809, desde 8.20.0 antes del parche 4805, desde 8.18.6 antes del parche 4804 y todas las demás versiones anteriores. • https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2023-0009 • CWE-838: Inappropriate Encoding for Output Context •
CVSS: 6.1EPSS: 0%CPEs: 3EXPL: 0CVE-2023-5771 – HTML injection in AdminUI through email subject
https://notcve.org/view.php?id=CVE-2023-5771
Proofpoint Enterprise Protection contains a stored XSS vulnerability in the AdminUI. An unauthenticated attacker can send a specially crafted email with HTML in the subject which triggers XSS when viewing quarantined messages. This issue affects Proofpoint Enterprise Protection: from 8.20.0 before patch 4796, from 8.18.6 before patch 4795 and all other prior versions. Proofpoint Enterprise Protection contiene una vulnerabilidad XSS almacenada en AdminUI. Un atacante no autenticado puede enviar un correo electrónico especialmente manipulado con HTML en el asunto que activa XSS al ver mensajes en cuarentena. • https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2023-0010 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2023-4828 – ITM Server Communications Hijack
https://notcve.org/view.php?id=CVE-2023-4828
An improper check for an exceptional condition in the Insider Threat Management (ITM) Server could be used by an attacker to change the server's configuration of any already-registered agent so that the agent sends all future communications to an attacker-chosen URL. This could result in disclosure of sensitive data events from the agent about the personally identifiable information (PII) and intellectual property it monitors, and all such data could be altered or deleted before reaching the ITM Server. An attacker must first successfully obtain valid agent credentials and agent hostname. All versions prior to 7.14.3.69 are affected. Un atacante podría utilizar una verificación inadecuada de una condición excepcional en el servidor Insider Threat Management (ITM) para cambiar la configuración del servidor de cualquier agente ya registrado para que el mismo envíe todas las comunicaciones futuras a una URL elegida por el atacante. • https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2023-0008 https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2023-008 • CWE-754: Improper Check for Unusual or Exceptional Conditions •