Vulnerabilities > Proofpoint > Insider Threat Management Server > Critical

DATE CVE VULNERABILITY TITLE RISK
2021-10-13 CVE-2021-40842 SQL Injection vulnerability in Proofpoint Insider Threat Management Server
Proofpoint Insider Threat Management Server contains a SQL injection vulnerability in the Web Console.
network
low complexity
proofpoint CWE-89
critical
9.8
2021-01-06 CVE-2020-10655 Deserialization of Untrusted Data vulnerability in Proofpoint Insider Threat Management Server
The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) before 7.9.1 contains a vulnerability in the ITM application server's WriteWindowMouse API.
network
low complexity
proofpoint CWE-502
critical
9.8
2021-01-06 CVE-2020-10656 Deserialization of Untrusted Data vulnerability in Proofpoint Insider Threat Management Server
The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) before 7.9.1 contains a vulnerability in the ITM application server's WriteWindowMouseWithChunksV2 API.
network
low complexity
proofpoint CWE-502
critical
9.8
2021-01-06 CVE-2020-10658 Deserialization of Untrusted Data vulnerability in Proofpoint Insider Threat Management Server
The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) before 7.9.1 contains a vulnerability in the ITM application server's WriteImage API.
network
low complexity
proofpoint CWE-502
critical
9.8