Vulnerabilities > Proofpoint > Insider Threat Management Server > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-06-27 CVE-2023-35998 Missing Authorization vulnerability in Proofpoint Insider Threat Management Server
A missing authorization check in multiple SOAP endpoints of the Insider Threat Management Server enables an attacker on an adjacent network to read and write unauthorized objects.
low complexity
proofpoint CWE-862
4.6
2023-06-27 CVE-2023-36000 Missing Authorization vulnerability in Proofpoint Insider Threat Management Server
A missing authorization check in the MacOS agent configuration endpoint of the Insider Threat Management Server enables an anonymous attacker on an adjacent network to obtain sensitive information.
low complexity
proofpoint CWE-862
6.5
2023-06-27 CVE-2023-36002 Missing Authorization vulnerability in Proofpoint Insider Threat Management Server
A missing authorization check in multiple URL validation endpoints of the Insider Threat Management Server enables an anonymous attacker on an adjacent network to smuggle content via DNS lookups.
low complexity
proofpoint CWE-862
4.3