CVSS: 7.3EPSS: 0%CPEs: 1EXPL: 0CVE-2021-40843
https://notcve.org/view.php?id=CVE-2021-40843
13 Oct 2021 — Proofpoint Insider Threat Management Server contains an unsafe deserialization vulnerability in the Web Console. An attacker with write access to the local database could cause arbitrary code to execute with SYSTEM privileges on the underlying server when a Web Console user triggers retrieval of that data. When chained with a SQL injection vulnerability, the vulnerability could be exploited remotely if Web Console users click a series of maliciously crafted URLs. All versions prior to 7.11.2 are affected. P... • https://www.proofpoint.com/us/security/security-advisories • CWE-502: Deserialization of Untrusted Data •
CVSS: 8.1EPSS: 0%CPEs: 3EXPL: 0CVE-2021-27900
https://notcve.org/view.php?id=CVE-2021-27900
06 Apr 2021 — The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) is missing an authorization check on several pages in the Web Console. This enables a view-only user to change any configuration setting and delete any registered agents. All versions before 7.11.1 are affected. El Servidor Proofpoint Insider Threat Management (anteriormente ObserveIT Server) presenta una falta de verificación de autorización en varias páginas de la consola web. Esto permite que un usuario de solo lectura cambi... • https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2021-0005 • CWE-862: Missing Authorization •
CVSS: 7.2EPSS: 0%CPEs: 3EXPL: 0CVE-2021-22158
https://notcve.org/view.php?id=CVE-2021-22158
06 Apr 2021 — The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) is vulnerable to XML external entity (XXE) injection in the Web Console. The vulnerability requires admin user privileges and knowledge of the XML file's encryption key to successfully exploit. All versions before 7.11 are affected. El Servidor Proofpoint Insider Threat Management (anteriormente ObserveIT Server) es vulnerable a una XML external entity (XXE) en la consola web. La vulnerabilidad requiere privilegios de usuario a... • https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2021-0003 • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 7.4EPSS: 0%CPEs: 6EXPL: 0CVE-2021-27899
https://notcve.org/view.php?id=CVE-2021-27899
06 Apr 2021 — The Proofpoint Insider Threat Management Agents (formerly ObserveIT Agent) for MacOS and Linux perform improper validation of the ITM Server's certificate, which enables a remote attacker to intercept and alter these communications using a man-in-the-middle attack. All versions before 7.11.1 are affected. Agents for Windows and Cloud are not affected. Los Agentes Proofpoint Insider Threat Management (anteriormente ObserveIT Agent) para MacOS y Linux llevan a cabo una comprobación inapropiada del certificado... • https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2021-0004 • CWE-295: Improper Certificate Validation •
CVSS: 6.1EPSS: 0%CPEs: 3EXPL: 0CVE-2021-22157
https://notcve.org/view.php?id=CVE-2021-22157
06 Apr 2021 — Proofpoint Insider Threat Management Server (formerly ObserveIT Server) before 7.11.1 allows stored XSS. Proofpoint Insider Threat Management Server (anteriormente ObserveIT Server) versiones anteriores a 7.11.1, permite un ataque de tipo XSS almacenado • https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2021-0002 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2021-22159
https://notcve.org/view.php?id=CVE-2021-22159
26 Jan 2021 — Insider Threat Management Windows Agent Local Privilege Escalation Vulnerability The Proofpoint Insider Threat Management (formerly ObserveIT) Agent for Windows before 7.4.3, 7.5.4, 7.6.5, 7.7.5, 7.8.4, 7.9.3, 7.10.2, and 7.11.0.25 as well as versions 7.3 and earlier is missing authentication for a critical function, which allows a local authenticated Windows user to run arbitrary commands with the privileges of the Windows SYSTEM user. Agents for MacOS, Linux, and ITM Cloud are not affected. Una Vulnerabil... • https://www.proofpoint.com/us/security/security-advisories • CWE-306: Missing Authentication for Critical Function •
CVSS: 9.0EPSS: 0%CPEs: 5EXPL: 0CVE-2020-8884
https://notcve.org/view.php?id=CVE-2020-8884
06 Jan 2021 — rcdsvc in the Proofpoint Insider Threat Management Windows Agent (formerly ObserveIT Windows Agent) before 7.9 allows remote authenticated users to execute arbitrary code as SYSTEM because of improper deserialization over named pipes. rcdsvc en el Proofpoint Insider Threat Management Windows Agent (anteriormente ObserveIT Windows Agent) versiones anteriores a 7.9, permite a los usuarios autenticados remotamente ejecutar código arbitrario como SYSTEM debido a una deserialización inapropiada sobre tuberías no... • https://www.proofpoint.com/us/blog • CWE-502: Deserialization of Untrusted Data •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2020-10658
https://notcve.org/view.php?id=CVE-2020-10658
06 Jan 2021 — The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) before 7.9.1 contains a vulnerability in the ITM application server's WriteImage API. The vulnerability allows an anonymous remote attacker to execute arbitrary code with local administrator privileges. The vulnerability is caused by improper deserialization. Proofpoint Insider Threat Management Server (anteriormente ObserveIT Server) versiones anteriores a 7.9.1, contiene una vulnerabilidad en la API WriteImage del servidor de apli... • https://www.proofpoint.com/us/blog • CWE-502: Deserialization of Untrusted Data •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2020-10657
https://notcve.org/view.php?id=CVE-2020-10657
06 Jan 2021 — The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) before 7.9.1 contains a vulnerability in the ITM web console's ImportAlertRules feature. The vulnerability allows a remote attacker (with admin or config-admin privileges in the console) to execute arbitrary code with local administrator privileges. The vulnerability is caused by improper deserialization. El Proofpoint Insider Threat Management Server (anteriormente ObserveIT Server) versiones anteriores a 7.9.1, contiene una vulner... • https://www.proofpoint.com/us/blog • CWE-502: Deserialization of Untrusted Data •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2020-10656
https://notcve.org/view.php?id=CVE-2020-10656
06 Jan 2021 — The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) before 7.9.1 contains a vulnerability in the ITM application server's WriteWindowMouseWithChunksV2 API. The vulnerability allows an anonymous remote attacker to execute arbitrary code with local administrator privileges. The vulnerability is caused by improper deserialization. Proofpoint Insider Threat Management Server (anteriormente ObserveIT Server) versiones anteriores a 7.9.1, contiene una vulnerabilidad en la API WriteWindowMo... • https://www.proofpoint.com/us/blog • CWE-502: Deserialization of Untrusted Data •