Vulnerabilites related to Proofpoint - enterprise_protection
CVE-2023-5770 (GCVE-0-2023-5770)
Vulnerability from cvelistv5
Published
2024-01-09 22:02
Modified
2025-06-03 14:29
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-838 - Inappropriate Encoding for Output Context
Summary
Proofpoint Enterprise Protection contains a vulnerability in the email delivery agent that allows an unauthenticated attacker to inject improperly encoded HTML into the email body of a message through the email subject. The vulnerability is caused by inappropriate encoding when rewriting the email before delivery.This issue affects Proofpoint Enterprise Protection: from 8.20.2 before patch 4809, from 8.20.0 before patch 4805, from 8.18.6 before patch 4804 and all other prior versions.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Proofpoint | Proofpoint Enterprise Protection |
Version: 8.20.2 ≤ Version: 8.20.0 ≤ Version: 8.18.6 ≤ Version: 8.0 ≤ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:07:32.637Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2023-0009"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-5770",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-08T18:43:41.522534Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-03T14:29:46.790Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"modules": [
"Email Delivery Agent"
],
"product": "Proofpoint Enterprise Protection",
"vendor": "Proofpoint",
"versions": [
{
"changes": [
{
"at": "patch 4809",
"status": "unaffected"
}
],
"lessThan": "patch 4809",
"status": "affected",
"version": "8.20.2",
"versionType": "semver"
},
{
"changes": [
{
"at": "patch 4805",
"status": "unaffected"
}
],
"lessThan": "patch 4805",
"status": "affected",
"version": "8.20.0",
"versionType": "semver"
},
{
"changes": [
{
"at": "patch 4804",
"status": "unaffected"
}
],
"lessThan": "patch 4804",
"status": "affected",
"version": "8.18.6",
"versionType": "semver"
},
{
"lessThan": "8.18.6",
"status": "affected",
"version": "8.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eProofpoint Enterprise Protection contains a vulnerability in the email delivery agent that allows an unauthenticated attacker to inject improperly encoded HTML into the email body of a message through the email subject. The vulnerability is caused by inappropriate encoding when rewriting the email before delivery.\u003c/span\u003e\u003cp\u003eThis issue affects Proofpoint Enterprise Protection: from 8.20.2 before patch 4809, from 8.20.0 before patch 4805, from 8.18.6 before patch 4804 and all other prior versions.\u003c/p\u003e"
}
],
"value": "Proofpoint Enterprise Protection contains a vulnerability in the email delivery agent that allows an unauthenticated attacker to inject improperly encoded HTML into the email body of a message through the email subject. The vulnerability is caused by inappropriate encoding when rewriting the email before delivery.This issue affects Proofpoint Enterprise Protection: from 8.20.2 before patch 4809, from 8.20.0 before patch 4805, from 8.18.6 before patch 4804 and all other prior versions.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-838",
"description": "CWE-838 Inappropriate Encoding for Output Context",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-09T22:02:03.839Z",
"orgId": "d83a79dd-e128-4b83-8b64-84faf54eed46",
"shortName": "Proofpoint"
},
"references": [
{
"url": "https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2023-0009"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "HTML injection in email body through email subject",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d83a79dd-e128-4b83-8b64-84faf54eed46",
"assignerShortName": "Proofpoint",
"cveId": "CVE-2023-5770",
"datePublished": "2024-01-09T22:02:03.839Z",
"dateReserved": "2023-10-25T17:57:53.751Z",
"dateUpdated": "2025-06-03T14:29:46.790Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-39304 (GCVE-0-2021-39304)
Vulnerability from cvelistv5
Published
2021-10-13 14:34
Modified
2024-08-04 02:06
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Proofpoint Enterprise Protection before 8.12.0-2108090000 allows security control bypass.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:06:41.809Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.proofpoint.com/us/blog"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2021-0007"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Proofpoint Enterprise Protection before 8.12.0-2108090000 allows security control bypass."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-13T14:34:54",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.proofpoint.com/us/blog"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2021-0007"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-39304",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Proofpoint Enterprise Protection before 8.12.0-2108090000 allows security control bypass."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.proofpoint.com/us/blog",
"refsource": "MISC",
"url": "https://www.proofpoint.com/us/blog"
},
{
"name": "https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2021-0007",
"refsource": "MISC",
"url": "https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2021-0007"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-39304",
"datePublished": "2021-10-13T14:34:54",
"dateReserved": "2021-08-20T00:00:00",
"dateUpdated": "2024-08-04T02:06:41.809Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-19680 (GCVE-0-2019-19680)
Vulnerability from cvelistv5
Published
2020-01-13 20:06
Modified
2024-08-05 02:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
A file-extension filtering vulnerability in Proofpoint Enterprise Protection (PPS / PoD), in the unpatched versions of PPS through 8.9.22 and 8.14.2 respectively, allows attackers to bypass protection mechanisms (related to extensions, MIME types, virus detection, and journal entries for transmitted files) by sending malformed (not RFC compliant) multipart email.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:25:12.658Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.proofpoint.com/us/security/cve-2019-19680"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2020-0001"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A file-extension filtering vulnerability in Proofpoint Enterprise Protection (PPS / PoD), in the unpatched versions of PPS through 8.9.22 and 8.14.2 respectively, allows attackers to bypass protection mechanisms (related to extensions, MIME types, virus detection, and journal entries for transmitted files) by sending malformed (not RFC compliant) multipart email."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-06T13:43:51",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.proofpoint.com/us/security/cve-2019-19680"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2020-0001"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-19680",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A file-extension filtering vulnerability in Proofpoint Enterprise Protection (PPS / PoD), in the unpatched versions of PPS through 8.9.22 and 8.14.2 respectively, allows attackers to bypass protection mechanisms (related to extensions, MIME types, virus detection, and journal entries for transmitted files) by sending malformed (not RFC compliant) multipart email."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.proofpoint.com/us/security/cve-2019-19680",
"refsource": "CONFIRM",
"url": "https://www.proofpoint.com/us/security/cve-2019-19680"
},
{
"name": "https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2020-0001",
"refsource": "CONFIRM",
"url": "https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2020-0001"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-19680",
"datePublished": "2020-01-13T20:06:25",
"dateReserved": "2019-12-09T00:00:00",
"dateUpdated": "2024-08-05T02:25:12.658Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-14009 (GCVE-0-2020-14009)
Vulnerability from cvelistv5
Published
2021-05-07 11:33
Modified
2024-08-04 12:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Proofpoint Enterprise Protection (PPS/PoD) before 8.16.4 contains a vulnerability that could allow an attacker to deliver an email message with a malicious attachment that bypasses scanning and file-blocking rules. The vulnerability exists because messages with certain crafted and malformed multipart structures are not properly handled.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:32:14.709Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.proofpoint.com/us/security/security-advisories"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2021-0006"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Proofpoint Enterprise Protection (PPS/PoD) before 8.16.4 contains a vulnerability that could allow an attacker to deliver an email message with a malicious attachment that bypasses scanning and file-blocking rules. The vulnerability exists because messages with certain crafted and malformed multipart structures are not properly handled."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-05-12T17:20:31",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.proofpoint.com/us/security/security-advisories"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2021-0006"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-14009",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Proofpoint Enterprise Protection (PPS/PoD) before 8.16.4 contains a vulnerability that could allow an attacker to deliver an email message with a malicious attachment that bypasses scanning and file-blocking rules. The vulnerability exists because messages with certain crafted and malformed multipart structures are not properly handled."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.proofpoint.com/us/security/security-advisories",
"refsource": "MISC",
"url": "https://www.proofpoint.com/us/security/security-advisories"
},
{
"name": "https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2021-0006",
"refsource": "MISC",
"url": "https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2021-0006"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-14009",
"datePublished": "2021-05-07T11:33:10",
"dateReserved": "2020-06-10T00:00:00",
"dateUpdated": "2024-08-04T12:32:14.709Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-46333 (GCVE-0-2022-46333)
Vulnerability from cvelistv5
Published
2022-12-06 19:52
Modified
2025-04-23 16:11
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-94 - Improper Control of Generation of Code ('Code Injection')
Summary
The admin user interface in Proofpoint Enterprise Protection (PPS/PoD) contains a command injection vulnerability that enables an admin to execute commands beyond their allowed scope. This affects all versions 8.19.0 and below.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| proofpoint | enterprise_protection |
Version: 8.* ≤ 8.19.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T14:31:45.946Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.proofpoint.com/security/security-advisories/pfpt-sa-2022-0003"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-46333",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T16:10:55.359000Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T16:11:07.699Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "enterprise_protection",
"vendor": "proofpoint",
"versions": [
{
"changes": [
{
"at": "8.19.0 patch 4546",
"status": "unaffected"
},
{
"at": "8.18.6 patch 4545",
"status": "unaffected"
},
{
"at": "8.18.4 patch 4544",
"status": "unaffected"
},
{
"at": "8.13.22 patch 4543",
"status": "unaffected"
}
],
"lessThanOrEqual": "8.19.0",
"status": "affected",
"version": "8.*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "ly1g3"
}
],
"datePublic": "2022-12-06T20:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThe admin user interface in Proofpoint Enterprise Protection (PPS/PoD) contains a command injection vulnerability that enables an admin to execute commands beyond their allowed scope. This affects all versions 8.19.0 and below.\u003c/p\u003e"
}
],
"value": "The admin user interface in Proofpoint Enterprise Protection (PPS/PoD) contains a command injection vulnerability that enables an admin to execute commands beyond their allowed scope. This affects all versions 8.19.0 and below.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL8"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-12T18:43:02.824Z",
"orgId": "d83a79dd-e128-4b83-8b64-84faf54eed46",
"shortName": "Proofpoint"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.proofpoint.com/security/security-advisories/pfpt-sa-2022-0003"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Proofpoint Enterprise Protection perl eval() arbitrary command execution",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d83a79dd-e128-4b83-8b64-84faf54eed46",
"assignerShortName": "Proofpoint",
"cveId": "CVE-2022-46333",
"datePublished": "2022-12-06T19:52:36.587Z",
"dateReserved": "2022-11-29T16:10:15.064Z",
"dateUpdated": "2025-04-23T16:11:07.699Z",
"requesterUserId": "71106589-dd87-430f-8b38-9a34386900d1",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-0090 (GCVE-0-2023-0090)
Vulnerability from cvelistv5
Published
2023-03-08 00:27
Modified
2025-02-28 18:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-95 - Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')
Summary
The webservices in Proofpoint Enterprise Protection (PPS/POD) contain a vulnerability that allows for an anonymous user to execute remote code through 'eval injection'. Exploitation requires network access to the webservices API, but such access is a non-standard configuration. This affects all versions 8.20.0 and below.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| proofpoint | enterprise_protection |
Version: 8.* ≤ 8.20.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T05:02:42.973Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.proofpoint.com/security/security-advisories/pfpt-sa-2023-0001"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-0090",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-28T18:28:24.377984Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-28T18:28:42.806Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "enterprise_protection",
"vendor": "proofpoint",
"versions": [
{
"changes": [
{
"at": "8.20.0 patch 4570",
"status": "unaffected"
},
{
"at": "8.18.6 patch 4568",
"status": "unaffected"
},
{
"at": "8.18.4 patch 4567",
"status": "unaffected"
},
{
"at": "8.13.22 patch 4566",
"status": "unaffected"
}
],
"lessThanOrEqual": "8.20.0",
"status": "affected",
"version": "8.*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "ly1g3"
}
],
"datePublic": "2023-03-07T20:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThe webservices in Proofpoint Enterprise Protection (PPS/POD) contain a vulnerability that allows for an anonymous user to execute remote code through \u0027eval injection\u0027. Exploitation requires network access to the webservices API, but such access is a non-standard configuration. This affects all versions 8.20.0 and below.\u003c/p\u003e"
}
],
"value": "The webservices in Proofpoint Enterprise Protection (PPS/POD) contain a vulnerability that allows for an anonymous user to execute remote code through \u0027eval injection\u0027. Exploitation requires network access to the webservices API, but such access is a non-standard configuration. This affects all versions 8.20.0 and below.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-95",
"description": "CWE-95 Improper Neutralization of Directives in Dynamically Evaluated Code (\u0027Eval Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-12T19:00:06.801Z",
"orgId": "d83a79dd-e128-4b83-8b64-84faf54eed46",
"shortName": "Proofpoint"
},
"references": [
{
"url": "https://www.proofpoint.com/security/security-advisories/pfpt-sa-2023-0001"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Proofpoint Enterprise Protection webservices unauthenticated RCE",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d83a79dd-e128-4b83-8b64-84faf54eed46",
"assignerShortName": "Proofpoint",
"cveId": "CVE-2023-0090",
"datePublished": "2023-03-08T00:27:36.914Z",
"dateReserved": "2023-01-05T19:17:28.968Z",
"dateUpdated": "2025-02-28T18:28:42.806Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-5771 (GCVE-0-2023-5771)
Vulnerability from cvelistv5
Published
2023-11-06 20:06
Modified
2024-09-04 18:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Summary
Proofpoint Enterprise Protection contains a stored XSS vulnerability in the AdminUI. An unauthenticated attacker can send a specially crafted email with HTML in the subject which triggers XSS when viewing quarantined messages. This issue affects Proofpoint Enterprise Protection: from 8.20.0 before patch 4796, from 8.18.6 before patch 4795 and all other prior versions.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Proofpoint | Proofpoint Enterprise Protection |
Version: 8.20.0 ≤ Version: 8.18.6 ≤ Version: 8.0 ≤ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:07:32.734Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2023-0010"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-5771",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-04T18:55:22.520054Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-04T18:55:47.857Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"modules": [
"AdminUI"
],
"product": "Proofpoint Enterprise Protection",
"vendor": "Proofpoint",
"versions": [
{
"changes": [
{
"at": "patch 4796",
"status": "unaffected"
}
],
"lessThan": "patch 4796",
"status": "affected",
"version": "8.20.0",
"versionType": "semver"
},
{
"changes": [
{
"at": "patch 4795",
"status": "unaffected"
}
],
"lessThan": "patch 4795",
"status": "affected",
"version": "8.18.6",
"versionType": "semver"
},
{
"lessThan": "8.18.6",
"status": "affected",
"version": "8.0",
"versionType": "semver"
}
]
}
],
"datePublic": "2023-11-06T17:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eProofpoint Enterprise Protection contains a stored XSS vulnerability in the AdminUI. An unauthenticated attacker can send a specially crafted email with HTML in the subject which triggers XSS when viewing quarantined messages.\u0026nbsp;\u0026nbsp;\u003c/span\u003e\u003cp\u003eThis issue affects Proofpoint Enterprise Protection: from 8.20.0 before patch 4796, from 8.18.6 before patch 4795 and all other prior versions.\u003c/p\u003e"
}
],
"value": "Proofpoint Enterprise Protection contains a stored XSS vulnerability in the AdminUI. An unauthenticated attacker can send a specially crafted email with HTML in the subject which triggers XSS when viewing quarantined messages.\u00a0\u00a0This issue affects Proofpoint Enterprise Protection: from 8.20.0 before patch 4796, from 8.18.6 before patch 4795 and all other prior versions.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-06T20:06:30.766Z",
"orgId": "d83a79dd-e128-4b83-8b64-84faf54eed46",
"shortName": "Proofpoint"
},
"references": [
{
"url": "https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2023-0010"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "HTML injection in AdminUI through email subject",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d83a79dd-e128-4b83-8b64-84faf54eed46",
"assignerShortName": "Proofpoint",
"cveId": "CVE-2023-5771",
"datePublished": "2023-11-06T20:06:28.575Z",
"dateReserved": "2023-10-25T17:57:54.611Z",
"dateUpdated": "2024-09-04T18:55:47.857Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-46334 (GCVE-0-2022-46334)
Vulnerability from cvelistv5
Published
2022-12-21 20:05
Modified
2025-04-15 18:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-269 - Improper Privilege Management
Summary
Proofpoint Enterprise Protection (PPS/PoD) contains a vulnerability which allows the pps user to escalate to root privileges due to unnecessary permissions. This affects all versions 8.19.0 and below.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Proofpoint | enterprise_protection |
Version: 8.* ≤ 8.19.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T14:31:46.379Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.proofpoint.com/security/security-advisories/pfpt-sa-2022-0004"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-46334",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-15T18:37:44.368531Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-15T18:37:56.365Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "enterprise_protection",
"vendor": "Proofpoint",
"versions": [
{
"changes": [
{
"at": "8.19.0 patch 4550",
"status": "unaffected"
},
{
"at": "8.18.6 patch 4549",
"status": "unaffected"
},
{
"at": "8.13.22 patch 4548",
"status": "unaffected"
}
],
"lessThanOrEqual": "8.19.0",
"status": "affected",
"version": "8.*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "ly1g3"
}
],
"datePublic": "2022-12-21T19:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eProofpoint Enterprise Protection (PPS/PoD) contains a vulnerability which allows the pps user to escalate to root privileges due to unnecessary permissions. This affects all versions 8.19.0 and below.\u003c/p\u003e"
}
],
"value": "Proofpoint Enterprise Protection (PPS/PoD) contains a vulnerability which allows the pps user to escalate to root privileges due to unnecessary permissions. This affects all versions 8.19.0 and below.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-12T19:07:37.968Z",
"orgId": "d83a79dd-e128-4b83-8b64-84faf54eed46",
"shortName": "Proofpoint"
},
"references": [
{
"url": "https://www.proofpoint.com/security/security-advisories/pfpt-sa-2022-0004"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Proofpoint Enterprise Protection Local Privilege Escalation",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d83a79dd-e128-4b83-8b64-84faf54eed46",
"assignerShortName": "Proofpoint",
"cveId": "CVE-2022-46334",
"datePublished": "2022-12-21T20:05:38.584Z",
"dateReserved": "2022-11-29T16:10:15.065Z",
"dateUpdated": "2025-04-15T18:37:56.365Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-10635 (GCVE-0-2024-10635)
Vulnerability from cvelistv5
Published
2025-04-28 20:36
Modified
2025-04-28 22:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-20 - Improper Input Validation
Summary
Enterprise Protection contains an improper input validation vulnerability in attachment defense that allows an unauthenticated remote attacker to bypass attachment scanning security policy by sending a malicious S/MIME attachment with an opaque signature. When opened by a recipient in a downstream email client, the malicious attachment could cause partial loss of integrity and confidentiality to their system.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Proofpoint | Enterprise Protection |
Version: 8.18.6 ≤ Version: 8.20.6 ≤ Version: 8.21.0 ≤ |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-10635",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-28T22:28:30.982413Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-28T22:28:39.716Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Enterprise Protection",
"vendor": "Proofpoint",
"versions": [
{
"changes": [
{
"at": "patch 4868",
"status": "unaffected"
}
],
"lessThan": "patch 5110",
"status": "affected",
"version": "8.18.6",
"versionType": "semver"
},
{
"changes": [
{
"at": "patch 4871",
"status": "unaffected"
}
],
"lessThan": "patch 5134",
"status": "affected",
"version": "8.20.6",
"versionType": "semver"
},
{
"changes": [
{
"at": "patch 4872",
"status": "unaffected"
}
],
"lessThan": "patch 5112",
"status": "affected",
"version": "8.21.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Enterprise Protection contains an improper input validation vulnerability in attachment defense that allows an unauthenticated remote attacker to bypass attachment scanning security policy by sending a malicious S/MIME attachment with an opaque signature. When opened by a recipient in a downstream email client, the malicious attachment could cause partial loss of integrity and confidentiality to their system."
}
],
"value": "Enterprise Protection contains an improper input validation vulnerability in attachment defense that allows an unauthenticated remote attacker to bypass attachment scanning security policy by sending a malicious S/MIME attachment with an opaque signature. When opened by a recipient in a downstream email client, the malicious attachment could cause partial loss of integrity and confidentiality to their system."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-28T20:36:43.320Z",
"orgId": "d83a79dd-e128-4b83-8b64-84faf54eed46",
"shortName": "Proofpoint"
},
"references": [
{
"url": "https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2025-0002"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Enterprise Protection S/MIME Opaque Signature Attachment Scanning Bypass",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d83a79dd-e128-4b83-8b64-84faf54eed46",
"assignerShortName": "Proofpoint",
"cveId": "CVE-2024-10635",
"datePublished": "2025-04-28T20:36:43.320Z",
"dateReserved": "2024-10-31T18:23:56.308Z",
"dateUpdated": "2025-04-28T22:28:39.716Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-0089 (GCVE-0-2023-0089)
Vulnerability from cvelistv5
Published
2023-03-08 00:27
Modified
2025-02-28 16:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-95 - Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')
Summary
The webutils in Proofpoint Enterprise Protection (PPS/POD) contain a vulnerability that allows an authenticated user to execute remote code through 'eval injection'.
This affects all versions 8.20.0 and below.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| proofpoint | enterprise_protection |
Version: 8.* ≤ 8.20.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T05:02:43.352Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.proofpoint.com/security/security-advisories/pfpt-sa-2023-0001"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-0089",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-28T16:36:27.629815Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-28T16:36:53.420Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "enterprise_protection",
"vendor": "proofpoint",
"versions": [
{
"changes": [
{
"at": "8.20.0 patch 4570",
"status": "unaffected"
},
{
"at": "8.18.6 patch 4568",
"status": "unaffected"
},
{
"at": "8.18.4 patch 4567",
"status": "unaffected"
},
{
"at": "8.13.22 patch 4566",
"status": "unaffected"
}
],
"lessThanOrEqual": "8.20.0",
"status": "affected",
"version": "8.*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "ly1g3"
}
],
"datePublic": "2023-03-07T20:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003e\u003c/p\u003e\u003cp\u003eThe webutils in Proofpoint Enterprise Protection (PPS/POD) contain a vulnerability that allows an authenticated user to execute remote code through \u0027eval injection\u0027.\u003c/p\u003e\u003cp\u003eThis affects all versions 8.20.0 and below. \u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cp\u003e\u003c/p\u003e"
}
],
"value": "\nThe webutils in Proofpoint Enterprise Protection (PPS/POD) contain a vulnerability that allows an authenticated user to execute remote code through \u0027eval injection\u0027.\n\nThis affects all versions 8.20.0 and below. \n\n\n\n\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-95",
"description": "CWE-95 Improper Neutralization of Directives in Dynamically Evaluated Code (\u0027Eval Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-08T00:27:25.544Z",
"orgId": "d83a79dd-e128-4b83-8b64-84faf54eed46",
"shortName": "Proofpoint"
},
"references": [
{
"url": "https://www.proofpoint.com/security/security-advisories/pfpt-sa-2023-0001"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Proofpoint Enterprise Protection webutils authenticated RCE",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d83a79dd-e128-4b83-8b64-84faf54eed46",
"assignerShortName": "Proofpoint",
"cveId": "CVE-2023-0089",
"datePublished": "2023-03-08T00:27:25.544Z",
"dateReserved": "2023-01-05T19:17:19.339Z",
"dateUpdated": "2025-02-28T16:36:53.420Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-46332 (GCVE-0-2022-46332)
Vulnerability from cvelistv5
Published
2022-12-06 19:52
Modified
2025-04-23 16:11
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Summary
The Admin Smart Search feature in Proofpoint Enterprise Protection (PPS/PoD) contains a stored cross-site scripting vulnerability that enables an anonymous email sender to gain admin privileges within the user interface. This affects all versions 8.19.0 and below.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| proofpoint | enterprise_protection |
Version: 8.* ≤ 8.19.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T14:31:46.570Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.proofpoint.com/security/security-advisories/pfpt-sa-2022-0002"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-46332",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T16:11:29.396664Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T16:11:39.031Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "enterprise_protection",
"vendor": "proofpoint",
"versions": [
{
"changes": [
{
"at": "8.19.0 patch 4546",
"status": "unaffected"
},
{
"at": "8.18.6 patch 4545",
"status": "unaffected"
},
{
"at": "8.18.4 patch 4544",
"status": "unaffected"
},
{
"at": "8.13.22 patch 4543",
"status": "unaffected"
}
],
"lessThanOrEqual": "8.19.0",
"status": "affected",
"version": "8.*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "ly1g3"
}
],
"datePublic": "2022-12-06T20:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThe Admin Smart Search feature in Proofpoint Enterprise Protection (PPS/PoD) contains a stored cross-site scripting vulnerability that enables an anonymous email sender to gain admin privileges within the user interface. This affects all versions 8.19.0 and below.\u003c/p\u003e"
}
],
"value": "The Admin Smart Search feature in Proofpoint Enterprise Protection (PPS/PoD) contains a stored cross-site scripting vulnerability that enables an anonymous email sender to gain admin privileges within the user interface. This affects all versions 8.19.0 and below.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.6,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-12-07T20:38:50.306Z",
"orgId": "d83a79dd-e128-4b83-8b64-84faf54eed46",
"shortName": "Proofpoint"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.proofpoint.com/security/security-advisories/pfpt-sa-2022-0002"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Proofpoint Enterprise Protection (PPS/PoD) XSS in \"Attachment Names\"",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d83a79dd-e128-4b83-8b64-84faf54eed46",
"assignerShortName": "Proofpoint",
"cveId": "CVE-2022-46332",
"datePublished": "2022-12-06T19:52:02.111Z",
"dateReserved": "2022-11-29T16:10:15.064Z",
"dateUpdated": "2025-04-23T16:11:39.031Z",
"requesterUserId": "71106589-dd87-430f-8b38-9a34386900d1",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-31608 (GCVE-0-2021-31608)
Vulnerability from cvelistv5
Published
2022-11-17 00:00
Modified
2025-04-30 15:20
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Proofpoint Enterprise Protection before 18.8.0 allows a Bypass of a Security Control.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:03:33.670Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2021-0011"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2021-31608",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-30T15:20:33.550718Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-693",
"description": "CWE-693 Protection Mechanism Failure",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-30T15:20:40.066Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Proofpoint Enterprise Protection before 18.8.0 allows a Bypass of a Security Control."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-17T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2021-0011"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-31608",
"datePublished": "2022-11-17T00:00:00.000Z",
"dateReserved": "2021-04-23T00:00:00.000Z",
"dateUpdated": "2025-04-30T15:20:40.066Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2024-01-09 22:15
Modified
2024-11-21 08:42
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
Summary
Proofpoint Enterprise Protection contains a vulnerability in the email delivery agent that allows an unauthenticated attacker to inject improperly encoded HTML into the email body of a message through the email subject. The vulnerability is caused by inappropriate encoding when rewriting the email before delivery.This issue affects Proofpoint Enterprise Protection: from 8.20.2 before patch 4809, from 8.20.0 before patch 4805, from 8.18.6 before patch 4804 and all other prior versions.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| proofpoint | enterprise_protection | 8.18.6 | |
| proofpoint | enterprise_protection | 8.20.0 | |
| proofpoint | enterprise_protection | 8.20.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:proofpoint:enterprise_protection:8.18.6:*:*:*:*:*:*:*",
"matchCriteriaId": "7E481ED5-1AC8-4FEA-9169-17CDE7AB93DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:proofpoint:enterprise_protection:8.20.0:*:*:*:*:*:*:*",
"matchCriteriaId": "83C899EC-C3E7-4D34-8362-DEB40F16AD09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:proofpoint:enterprise_protection:8.20.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C22954AF-4D4E-4C9D-868A-62091BD57CC7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Proofpoint Enterprise Protection contains a vulnerability in the email delivery agent that allows an unauthenticated attacker to inject improperly encoded HTML into the email body of a message through the email subject. The vulnerability is caused by inappropriate encoding when rewriting the email before delivery.This issue affects Proofpoint Enterprise Protection: from 8.20.2 before patch 4809, from 8.20.0 before patch 4805, from 8.18.6 before patch 4804 and all other prior versions.\n\n"
},
{
"lang": "es",
"value": "Proofpoint Enterprise Protection contiene una vulnerabilidad en el agente de entrega de correo electr\u00f3nico que permite a un atacante no autenticado inyectar HTML codificado incorrectamente en el cuerpo de un mensaje de correo electr\u00f3nico a trav\u00e9s del asunto del correo electr\u00f3nico. La vulnerabilidad se debe a una codificaci\u00f3n inadecuada al reescribir el correo electr\u00f3nico antes de la entrega. Este problema afecta a Proofpoint Enterprise Protection: desde 8.20.2 antes del parche 4809, desde 8.20.0 antes del parche 4805, desde 8.18.6 antes del parche 4804 y todas las dem\u00e1s versiones anteriores."
}
],
"id": "CVE-2023-5770",
"lastModified": "2024-11-21T08:42:27.270",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "security@proofpoint.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-01-09T22:15:43.400",
"references": [
{
"source": "security@proofpoint.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2023-0009"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2023-0009"
}
],
"sourceIdentifier": "security@proofpoint.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-838"
}
],
"source": "security@proofpoint.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-838"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-11-17 22:15
Modified
2025-04-30 16:15
Severity ?
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
Summary
Proofpoint Enterprise Protection before 18.8.0 allows a Bypass of a Security Control.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| proofpoint | enterprise_protection | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:proofpoint:enterprise_protection:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C4987253-4C46-4CA1-A3C9-C854E95CC23C",
"versionEndExcluding": "18.8.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Proofpoint Enterprise Protection before 18.8.0 allows a Bypass of a Security Control."
},
{
"lang": "es",
"value": "Proofpoint Enterprise Protection anterior a 18.8.0 permite omitir un control de seguridad."
}
],
"id": "CVE-2021-31608",
"lastModified": "2025-04-30T16:15:20.247",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2022-11-17T22:15:10.197",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2021-0011"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2021-0011"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-693"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-11-06 21:15
Modified
2024-11-21 08:42
Severity ?
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
Proofpoint Enterprise Protection contains a stored XSS vulnerability in the AdminUI. An unauthenticated attacker can send a specially crafted email with HTML in the subject which triggers XSS when viewing quarantined messages. This issue affects Proofpoint Enterprise Protection: from 8.20.0 before patch 4796, from 8.18.6 before patch 4795 and all other prior versions.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| proofpoint | enterprise_protection | * | |
| proofpoint | enterprise_protection | 8.18.6 | |
| proofpoint | enterprise_protection | 8.20.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:proofpoint:enterprise_protection:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C40603FE-5480-409F-B54D-258A2FF1F4B6",
"versionEndExcluding": "8.18.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:proofpoint:enterprise_protection:8.18.6:-:*:*:*:*:*:*",
"matchCriteriaId": "8DB3C7A6-7C23-4804-817B-6D34B883C629",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:proofpoint:enterprise_protection:8.20.0:-:*:*:*:*:*:*",
"matchCriteriaId": "B74B427B-0A91-4FC6-85A7-FBB1B5439B61",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Proofpoint Enterprise Protection contains a stored XSS vulnerability in the AdminUI. An unauthenticated attacker can send a specially crafted email with HTML in the subject which triggers XSS when viewing quarantined messages.\u00a0\u00a0This issue affects Proofpoint Enterprise Protection: from 8.20.0 before patch 4796, from 8.18.6 before patch 4795 and all other prior versions.\n\n"
},
{
"lang": "es",
"value": "Proofpoint Enterprise Protection contiene una vulnerabilidad XSS almacenada en AdminUI. Un atacante no autenticado puede enviar un correo electr\u00f3nico especialmente manipulado con HTML en el asunto que activa XSS al ver mensajes en cuarentena. Este problema afecta a Proofpoint Enterprise Protection: desde 8.20.0 antes del parche 4796, desde 8.18.6 antes del parche 4795 y todas las dem\u00e1s versiones anteriores."
}
],
"id": "CVE-2023-5771",
"lastModified": "2024-11-21T08:42:27.397",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "security@proofpoint.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-11-06T21:15:10.203",
"references": [
{
"source": "security@proofpoint.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2023-0010"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2023-0010"
}
],
"sourceIdentifier": "security@proofpoint.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "security@proofpoint.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-12-06 20:15
Modified
2024-11-21 07:30
Severity ?
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
The admin user interface in Proofpoint Enterprise Protection (PPS/PoD) contains a command injection vulnerability that enables an admin to execute commands beyond their allowed scope. This affects all versions 8.19.0 and below.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| proofpoint | enterprise_protection | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:proofpoint:enterprise_protection:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D8989910-63F8-4E56-AC31-F2FF3FAB1991",
"versionEndIncluding": "8.19.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The admin user interface in Proofpoint Enterprise Protection (PPS/PoD) contains a command injection vulnerability that enables an admin to execute commands beyond their allowed scope. This affects all versions 8.19.0 and below.\n\n"
},
{
"lang": "es",
"value": "La interfaz de usuario administrador en Proofpoint Enterprise Protection (PPS/PoD) contiene una vulnerabilidad de inyecci\u00f3n de comandos que permite a un administrador ejecutar comandos m\u00e1s all\u00e1 de su alcance permitido. Esto afecta a todas las versiones 8.19.0 y anteriores."
}
],
"id": "CVE-2022-46333",
"lastModified": "2024-11-21T07:30:24.493",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "security@proofpoint.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-12-06T20:15:10.690",
"references": [
{
"source": "security@proofpoint.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.proofpoint.com/security/security-advisories/pfpt-sa-2022-0003"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.proofpoint.com/security/security-advisories/pfpt-sa-2022-0003"
}
],
"sourceIdentifier": "security@proofpoint.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "security@proofpoint.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-03-08 01:15
Modified
2024-11-21 07:36
Severity ?
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
The webutils in Proofpoint Enterprise Protection (PPS/POD) contain a vulnerability that allows an authenticated user to execute remote code through 'eval injection'.
This affects all versions 8.20.0 and below.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| proofpoint | enterprise_protection | * | |
| proofpoint | enterprise_protection | * | |
| proofpoint | enterprise_protection | 8.18.6 | |
| proofpoint | enterprise_protection | 8.20.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:proofpoint:enterprise_protection:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5F25CC84-3AA4-4B66-8206-F26C14443A13",
"versionEndExcluding": "8.13.22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:proofpoint:enterprise_protection:*:*:*:*:*:*:*:*",
"matchCriteriaId": "202B7803-2398-41E7-B88B-2D64384ADC74",
"versionEndExcluding": "8.18.4",
"versionStartIncluding": "8.18.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:proofpoint:enterprise_protection:8.18.6:*:*:*:*:*:*:*",
"matchCriteriaId": "7E481ED5-1AC8-4FEA-9169-17CDE7AB93DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:proofpoint:enterprise_protection:8.20.0:*:*:*:*:*:*:*",
"matchCriteriaId": "83C899EC-C3E7-4D34-8362-DEB40F16AD09",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "\nThe webutils in Proofpoint Enterprise Protection (PPS/POD) contain a vulnerability that allows an authenticated user to execute remote code through \u0027eval injection\u0027.\n\nThis affects all versions 8.20.0 and below. \n\n\n\n\n\n"
}
],
"id": "CVE-2023-0089",
"lastModified": "2024-11-21T07:36:31.983",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "security@proofpoint.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-03-08T01:15:10.240",
"references": [
{
"source": "security@proofpoint.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.proofpoint.com/security/security-advisories/pfpt-sa-2023-0001"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.proofpoint.com/security/security-advisories/pfpt-sa-2023-0001"
}
],
"sourceIdentifier": "security@proofpoint.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-95"
}
],
"source": "security@proofpoint.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-12-06 20:15
Modified
2024-11-21 07:30
Severity ?
9.6 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
9.6 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
9.6 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Summary
The Admin Smart Search feature in Proofpoint Enterprise Protection (PPS/PoD) contains a stored cross-site scripting vulnerability that enables an anonymous email sender to gain admin privileges within the user interface. This affects all versions 8.19.0 and below.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| proofpoint | enterprise_protection | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:proofpoint:enterprise_protection:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D8989910-63F8-4E56-AC31-F2FF3FAB1991",
"versionEndIncluding": "8.19.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Admin Smart Search feature in Proofpoint Enterprise Protection (PPS/PoD) contains a stored cross-site scripting vulnerability that enables an anonymous email sender to gain admin privileges within the user interface. This affects all versions 8.19.0 and below.\n\n"
},
{
"lang": "es",
"value": "La funci\u00f3n Admin Smart Search en Proofpoint Enterprise Protection (PPS/PoD) contiene una vulnerabilidad de cross-site scripting almacenado que permite a un remitente de correo electr\u00f3nico an\u00f3nimo obtener privilegios de administrador dentro de la interfaz de usuario. Esto afecta a todas las versiones 8.19.0 y anteriores."
}
],
"id": "CVE-2022-46332",
"lastModified": "2024-11-21T07:30:24.360",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.6,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 6.0,
"source": "security@proofpoint.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.6,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-12-06T20:15:10.610",
"references": [
{
"source": "security@proofpoint.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.proofpoint.com/security/security-advisories/pfpt-sa-2022-0002"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.proofpoint.com/security/security-advisories/pfpt-sa-2022-0002"
}
],
"sourceIdentifier": "security@proofpoint.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "security@proofpoint.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-03-08 01:15
Modified
2024-11-21 07:36
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
The webservices in Proofpoint Enterprise Protection (PPS/POD) contain a vulnerability that allows for an anonymous user to execute remote code through 'eval injection'. Exploitation requires network access to the webservices API, but such access is a non-standard configuration. This affects all versions 8.20.0 and below.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| proofpoint | enterprise_protection | * | |
| proofpoint | enterprise_protection | * | |
| proofpoint | enterprise_protection | 8.18.6 | |
| proofpoint | enterprise_protection | 8.20.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:proofpoint:enterprise_protection:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5F25CC84-3AA4-4B66-8206-F26C14443A13",
"versionEndExcluding": "8.13.22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:proofpoint:enterprise_protection:*:*:*:*:*:*:*:*",
"matchCriteriaId": "202B7803-2398-41E7-B88B-2D64384ADC74",
"versionEndExcluding": "8.18.4",
"versionStartIncluding": "8.18.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:proofpoint:enterprise_protection:8.18.6:*:*:*:*:*:*:*",
"matchCriteriaId": "7E481ED5-1AC8-4FEA-9169-17CDE7AB93DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:proofpoint:enterprise_protection:8.20.0:*:*:*:*:*:*:*",
"matchCriteriaId": "83C899EC-C3E7-4D34-8362-DEB40F16AD09",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The webservices in Proofpoint Enterprise Protection (PPS/POD) contain a vulnerability that allows for an anonymous user to execute remote code through \u0027eval injection\u0027. Exploitation requires network access to the webservices API, but such access is a non-standard configuration. This affects all versions 8.20.0 and below.\n\n"
}
],
"id": "CVE-2023-0090",
"lastModified": "2024-11-21T07:36:32.103",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "security@proofpoint.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-03-08T01:15:10.343",
"references": [
{
"source": "security@proofpoint.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.proofpoint.com/security/security-advisories/pfpt-sa-2023-0001"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.proofpoint.com/security/security-advisories/pfpt-sa-2023-0001"
}
],
"sourceIdentifier": "security@proofpoint.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-95"
}
],
"source": "security@proofpoint.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-05-07 12:15
Modified
2024-11-21 05:02
Severity ?
Summary
Proofpoint Enterprise Protection (PPS/PoD) before 8.16.4 contains a vulnerability that could allow an attacker to deliver an email message with a malicious attachment that bypasses scanning and file-blocking rules. The vulnerability exists because messages with certain crafted and malformed multipart structures are not properly handled.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| proofpoint | enterprise_protection | * | |
| proofpoint | enterprise_protection | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:proofpoint:enterprise_protection:*:*:*:*:-:*:*:*",
"matchCriteriaId": "B91452FE-B062-4075-BCED-161A9C8CB9C6",
"versionEndExcluding": "8.13.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:proofpoint:enterprise_protection:*:*:*:*:-:*:*:*",
"matchCriteriaId": "DFAF7523-788B-4F09-87F4-C67F1975DDE3",
"versionEndExcluding": "8.16.4",
"versionStartIncluding": "8.14.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Proofpoint Enterprise Protection (PPS/PoD) before 8.16.4 contains a vulnerability that could allow an attacker to deliver an email message with a malicious attachment that bypasses scanning and file-blocking rules. The vulnerability exists because messages with certain crafted and malformed multipart structures are not properly handled."
},
{
"lang": "es",
"value": "Proofpoint Enterprise Protection (PPS/PoD) versiones anteriores a 8.16.4, contiene una vulnerabilidad que podr\u00eda permitir a un atacante entregar un mensaje de correo electr\u00f3nico con un archivo adjunto malicioso que omita las reglas de escaneo y bloqueo de archivos. La vulnerabilidad se presenta porque los mensajes con determinadas estructuras multiparte malformadas y dise\u00f1adas no se manejan correctamente"
}
],
"id": "CVE-2020-14009",
"lastModified": "2024-11-21T05:02:20.673",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-05-07T12:15:07.107",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.proofpoint.com/us/security/security-advisories"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2021-0006"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.proofpoint.com/us/security/security-advisories"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2021-0006"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-354"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-10-13 15:15
Modified
2024-11-21 06:19
Severity ?
Summary
Proofpoint Enterprise Protection before 8.12.0-2108090000 allows security control bypass.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| proofpoint | enterprise_protection | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:proofpoint:enterprise_protection:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1C612296-AD84-4E91-A4D6-62C8CEAF676E",
"versionEndExcluding": "8.12.0-2108090000",
"versionStartIncluding": "8.12.0-2107140000",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Proofpoint Enterprise Protection before 8.12.0-2108090000 allows security control bypass."
},
{
"lang": "es",
"value": "Proofpoint Enterprise Protection versiones anteriores a 8.12.0-2108090000 permite una omisi\u00f3n del control de seguridad"
}
],
"id": "CVE-2021-39304",
"lastModified": "2024-11-21T06:19:11.290",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-10-13T15:15:07.760",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.proofpoint.com/us/blog"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2021-0007"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.proofpoint.com/us/blog"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2021-0007"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2025-04-28 21:15
Modified
2025-05-10 00:56
Severity ?
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Summary
Enterprise Protection contains an improper input validation vulnerability in attachment defense that allows an unauthenticated remote attacker to bypass attachment scanning security policy by sending a malicious S/MIME attachment with an opaque signature. When opened by a recipient in a downstream email client, the malicious attachment could cause partial loss of integrity and confidentiality to their system.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| proofpoint | enterprise_protection | 8.18.6 | |
| proofpoint | enterprise_protection | 8.20.6 | |
| proofpoint | enterprise_protection | 8.21.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:proofpoint:enterprise_protection:8.18.6:*:*:*:-:*:*:*",
"matchCriteriaId": "79AADBAC-33A4-404F-828D-6758C564A124",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:proofpoint:enterprise_protection:8.20.6:*:*:*:-:*:*:*",
"matchCriteriaId": "CDD35655-46C3-487C-ADC7-562A9EA3DBB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:proofpoint:enterprise_protection:8.21.0:*:*:*:-:*:*:*",
"matchCriteriaId": "702F4569-3720-4A2C-98FC-FDE52C5574D5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Enterprise Protection contains an improper input validation vulnerability in attachment defense that allows an unauthenticated remote attacker to bypass attachment scanning security policy by sending a malicious S/MIME attachment with an opaque signature. When opened by a recipient in a downstream email client, the malicious attachment could cause partial loss of integrity and confidentiality to their system."
},
{
"lang": "es",
"value": "Enterprise Protection contiene una vulnerabilidad de validaci\u00f3n de entrada incorrecta en la defensa contra archivos adjuntos que permite a un atacante remoto no autenticado eludir la pol\u00edtica de seguridad de escaneo de archivos adjuntos mediante el env\u00edo de un archivo adjunto S/MIME malicioso con una firma opaca. Al ser abierto por un destinatario en un cliente de correo electr\u00f3nico secundario, el archivo adjunto malicioso podr\u00eda causar una p\u00e9rdida parcial de la integridad y confidencialidad de su sistema."
}
],
"id": "CVE-2024-10635",
"lastModified": "2025-05-10T00:56:29.500",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "security@proofpoint.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2025-04-28T21:15:56.427",
"references": [
{
"source": "security@proofpoint.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2025-0002"
}
],
"sourceIdentifier": "security@proofpoint.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "security@proofpoint.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-12-21 21:15
Modified
2024-11-21 07:30
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Proofpoint Enterprise Protection (PPS/PoD) contains a vulnerability which allows the pps user to escalate to root privileges due to unnecessary permissions. This affects all versions 8.19.0 and below.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| proofpoint | enterprise_protection | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:proofpoint:enterprise_protection:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D8989910-63F8-4E56-AC31-F2FF3FAB1991",
"versionEndIncluding": "8.19.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Proofpoint Enterprise Protection (PPS/PoD) contains a vulnerability which allows the pps user to escalate to root privileges due to unnecessary permissions. This affects all versions 8.19.0 and below.\n\n"
},
{
"lang": "es",
"value": "Proofpoint Enterprise Protection (PPS/PoD) contiene una vulnerabilidad que permite al usuario de pps escalar a privilegios de root debido a permisos innecesarios. Esto afecta a todas las versiones 8.19.0 y anteriores.\n "
}
],
"id": "CVE-2022-46334",
"lastModified": "2024-11-21T07:30:24.627",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "security@proofpoint.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-12-21T21:15:09.360",
"references": [
{
"source": "security@proofpoint.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.proofpoint.com/security/security-advisories/pfpt-sa-2022-0004"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.proofpoint.com/security/security-advisories/pfpt-sa-2022-0004"
}
],
"sourceIdentifier": "security@proofpoint.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-269"
}
],
"source": "security@proofpoint.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-269"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-01-13 21:15
Modified
2024-11-21 04:35
Severity ?
Summary
A file-extension filtering vulnerability in Proofpoint Enterprise Protection (PPS / PoD), in the unpatched versions of PPS through 8.9.22 and 8.14.2 respectively, allows attackers to bypass protection mechanisms (related to extensions, MIME types, virus detection, and journal entries for transmitted files) by sending malformed (not RFC compliant) multipart email.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| proofpoint | enterprise_protection | * | |
| proofpoint | enterprise_protection | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:proofpoint:enterprise_protection:*:*:*:*:lts:*:*:*",
"matchCriteriaId": "8092EE05-7BA8-4642-8801-DEFE297AB63F",
"versionEndIncluding": "8.9.22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:proofpoint:enterprise_protection:*:*:*:*:-:*:*:*",
"matchCriteriaId": "01139471-620E-44EB-87D3-B14BCBC67F89",
"versionEndIncluding": "8.14.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A file-extension filtering vulnerability in Proofpoint Enterprise Protection (PPS / PoD), in the unpatched versions of PPS through 8.9.22 and 8.14.2 respectively, allows attackers to bypass protection mechanisms (related to extensions, MIME types, virus detection, and journal entries for transmitted files) by sending malformed (not RFC compliant) multipart email."
},
{
"lang": "es",
"value": "Una vulnerabilidad de filtrado de extensiones de archivos en Proofpoint Enterprise Protection (PPS / PoD), en las versiones sin parches de PPS a trav\u00e9s de 8.9.22 y 8.14.2 respectivamente, permite a los atacantes eludir los mecanismos de protecci\u00f3n (relacionados con extensiones, tipos MIME, detecci\u00f3n de virus y entradas de diario para archivos transmitidos) mediante el env\u00edo de correo electr\u00f3nico multiparte con formato incorrecto (no compatible con RFC)."
}
],
"id": "CVE-2019-19680",
"lastModified": "2024-11-21T04:35:10.720",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-01-13T21:15:11.120",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.proofpoint.com/us/security/cve-2019-19680"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2020-0001"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.proofpoint.com/us/security/cve-2019-19680"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2020-0001"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}