Vulnerabilities > CVE-2020-10657 - Deserialization of Untrusted Data vulnerability in Proofpoint Insider Threat Management Server
Attack vector
NETWORK Attack complexity
LOW Privileges required
SINGLE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) before 7.9.1 contains a vulnerability in the ITM web console's ImportAlertRules feature. The vulnerability allows a remote attacker (with admin or config-admin privileges in the console) to execute arbitrary code with local administrator privileges. The vulnerability is caused by improper deserialization.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |