CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2021-22159
https://notcve.org/view.php?id=CVE-2021-22159
26 Jan 2021 — Insider Threat Management Windows Agent Local Privilege Escalation Vulnerability The Proofpoint Insider Threat Management (formerly ObserveIT) Agent for Windows before 7.4.3, 7.5.4, 7.6.5, 7.7.5, 7.8.4, 7.9.3, 7.10.2, and 7.11.0.25 as well as versions 7.3 and earlier is missing authentication for a critical function, which allows a local authenticated Windows user to run arbitrary commands with the privileges of the Windows SYSTEM user. Agents for MacOS, Linux, and ITM Cloud are not affected. Una Vulnerabil... • https://www.proofpoint.com/us/security/security-advisories • CWE-306: Missing Authentication for Critical Function •
CVSS: 9.0EPSS: 0%CPEs: 5EXPL: 0CVE-2020-8884
https://notcve.org/view.php?id=CVE-2020-8884
06 Jan 2021 — rcdsvc in the Proofpoint Insider Threat Management Windows Agent (formerly ObserveIT Windows Agent) before 7.9 allows remote authenticated users to execute arbitrary code as SYSTEM because of improper deserialization over named pipes. rcdsvc en el Proofpoint Insider Threat Management Windows Agent (anteriormente ObserveIT Windows Agent) versiones anteriores a 7.9, permite a los usuarios autenticados remotamente ejecutar código arbitrario como SYSTEM debido a una deserialización inapropiada sobre tuberías no... • https://www.proofpoint.com/us/blog • CWE-502: Deserialization of Untrusted Data •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2020-10658
https://notcve.org/view.php?id=CVE-2020-10658
06 Jan 2021 — The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) before 7.9.1 contains a vulnerability in the ITM application server's WriteImage API. The vulnerability allows an anonymous remote attacker to execute arbitrary code with local administrator privileges. The vulnerability is caused by improper deserialization. Proofpoint Insider Threat Management Server (anteriormente ObserveIT Server) versiones anteriores a 7.9.1, contiene una vulnerabilidad en la API WriteImage del servidor de apli... • https://www.proofpoint.com/us/blog • CWE-502: Deserialization of Untrusted Data •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2020-10657
https://notcve.org/view.php?id=CVE-2020-10657
06 Jan 2021 — The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) before 7.9.1 contains a vulnerability in the ITM web console's ImportAlertRules feature. The vulnerability allows a remote attacker (with admin or config-admin privileges in the console) to execute arbitrary code with local administrator privileges. The vulnerability is caused by improper deserialization. El Proofpoint Insider Threat Management Server (anteriormente ObserveIT Server) versiones anteriores a 7.9.1, contiene una vulner... • https://www.proofpoint.com/us/blog • CWE-502: Deserialization of Untrusted Data •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2020-10656
https://notcve.org/view.php?id=CVE-2020-10656
06 Jan 2021 — The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) before 7.9.1 contains a vulnerability in the ITM application server's WriteWindowMouseWithChunksV2 API. The vulnerability allows an anonymous remote attacker to execute arbitrary code with local administrator privileges. The vulnerability is caused by improper deserialization. Proofpoint Insider Threat Management Server (anteriormente ObserveIT Server) versiones anteriores a 7.9.1, contiene una vulnerabilidad en la API WriteWindowMo... • https://www.proofpoint.com/us/blog • CWE-502: Deserialization of Untrusted Data •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2020-10655
https://notcve.org/view.php?id=CVE-2020-10655
06 Jan 2021 — The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) before 7.9.1 contains a vulnerability in the ITM application server's WriteWindowMouse API. The vulnerability allows an anonymous remote attacker to execute arbitrary code with local administrator privileges. The vulnerability is caused by improper deserialization. Proofpoint Insider Threat Management Server (anteriormente ObserveIT Server) versiones anteriores a 7.9.1, contiene una vulnerabilidad en la API WriteWindowMouse del serv... • https://www.proofpoint.com/us/blog • CWE-502: Deserialization of Untrusted Data •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2019-20634
https://notcve.org/view.php?id=CVE-2019-20634
30 Mar 2020 — An issue was discovered in Proofpoint Email Protection through 2019-09-08. By collecting scores from Proofpoint email headers, it is possible to build a copy-cat Machine Learning Classification model and extract insights from this model. The insights gathered allow an attacker to craft emails that receive preferable scores, with a goal of delivering malicious emails. Se detectó un problema en Proofpoint Email Protection hasta el 08-09-2019. Mediante la recopilación de puntajes de los encabezados de correo e... • https://github.com/moohax/Proof-Pudding • CWE-697: Incorrect Comparison •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2019-19680
https://notcve.org/view.php?id=CVE-2019-19680
13 Jan 2020 — A file-extension filtering vulnerability in Proofpoint Enterprise Protection (PPS / PoD), in the unpatched versions of PPS through 8.9.22 and 8.14.2 respectively, allows attackers to bypass protection mechanisms (related to extensions, MIME types, virus detection, and journal entries for transmitted files) by sending malformed (not RFC compliant) multipart email. Una vulnerabilidad de filtrado de extensiones de archivos en Proofpoint Enterprise Protection (PPS / PoD), en las versiones sin parches de PPS a t... • https://www.proofpoint.com/us/security/cve-2019-19680 •
CVSS: 9.8EPSS: 0%CPEs: 7EXPL: 0CVE-2011-1904
https://notcve.org/view.php?id=CVE-2011-1904
05 May 2011 — An unspecified function in the web interface in Proofpoint Messaging Security Gateway 6.2.0.263:6.2.0.237 and earlier in Proofpoint Protection Server 5.5.3, 5.5.4, 5.5.5, 6.0.2, 6.1.1, and 6.2.0 allows remote attackers to execute arbitrary commands via unknown vectors, related to a "command injection" issue. Una función no especificada en la interfaz web de Proofpoint Messaging Security Gateway v6.2.0.263:6.2.0.237 y anterior en Proofpoint Protection Server v5.5.3, v5.5.4, v5.5.5, v6.0.2, v6.1.1 y v6.2.0 pe... • http://www.clearskies.net/documents/css-advisory-css1105-proofpoint.php • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.8EPSS: 0%CPEs: 7EXPL: 0CVE-2011-1901
https://notcve.org/view.php?id=CVE-2011-1901
05 May 2011 — The mail-filter web interface in Proofpoint Messaging Security Gateway 6.2.0.263:6.2.0.237 and earlier in Proofpoint Protection Server 5.5.3, 5.5.4, 5.5.5, 6.0.2, 6.1.1, and 6.2.0 allows remote attackers to bypass authentication via unspecified vectors. La interfaz web del correo web de Proofpoint Messaging Security Gateway v6.2.0.263:6.2.0.237 y anteriores en Proofpoint Protection Server v5.5.3, v5.5.4, v5.5.5, v6.0.2, v6.1.1 y v6.2.0 permite a atacantes remotos eludir la autenticación a través de vectores... • http://www.clearskies.net/documents/css-advisory-css1105-proofpoint.php • CWE-287: Improper Authentication •