
CVSS: 7.8 • EPSS: 0% • CPEs: 2 • EXPL: 0

Proofpoint Insider Threat Management Agent for Windows relies on an inherently dangerous function that could enable an unprivileged local Windows user to run arbitrary code with SYSTEM privileges. All versions prior to 7.12.1 are affected. Agents for MacOS and Linux and Cloud are unaffected. Proofpoint has released fixed software version 7.12.1. The fixed software versions are available through the customer support portal. • https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2022-0001

CVSS: 8.1 • EPSS: 0% • CPEs: 3 • EXPL: 0

The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) is missing an authorization check on several pages in the Web Console. This enables a view-only user to change any configuration setting and delete any registered agents. All versions before 7.11.1 are affected. • https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2021-0005 • CWE-862: Missing Authorization

CVSS: 7.2 • EPSS: 0% • CPEs: 3 • EXPL: 0

The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) is vulnerable to XML external entity (XXE) injection in the Web Console. The vulnerability requires admin user privileges and knowledge of the XML file's encryption key to successfully exploit. All versions before 7.11 are affected. • https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2021-0003 • CWE-611: Improper Restriction of XML External Entity Reference

CVSS: 7.4 • EPSS: 0% • CPEs: 6 • EXPL: 0

The Proofpoint Insider Threat Management Agents (formerly ObserveIT Agent) for MacOS and Linux perform improper validation of the ITM Server's certificate, which enables a remote attacker to intercept and alter these communications using a man-in-the-middle attack. All versions before 7.11.1 are affected. Agents for Windows and Cloud are not affected. • https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2021-0004 • CWE-295: Improper Certificate Validation

CVSS: 6.1 • EPSS: 0% • CPEs: 3 • EXPL: 0

Proofpoint Insider Threat Management Server (formerly ObserveIT Server) before 7.11.1 allows stored XSS. • https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2021-0002 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')