Vulnerabilities > Proofpoint > Insider Threat Management > High

DATE CVE VULNERABILITY TITLE RISK
2023-09-13 CVE-2023-4801 Improper Certificate Validation vulnerability in Proofpoint Insider Threat Management
An improper certification validation vulnerability in the Insider Threat Management (ITM) Agent for MacOS could be used by an anonymous actor on an adjacent network to establish a man-in-the-middle position between the agent and the ITM server after the agent has registered.
high complexity
proofpoint CWE-295
7.5
2022-03-10 CVE-2022-25294 Unspecified vulnerability in Proofpoint Insider Threat Management
Proofpoint Insider Threat Management Agent for Windows relies on an inherently dangerous function that could enable an unprivileged local Windows user to run arbitrary code with SYSTEM privileges.
local
low complexity
proofpoint
7.8
2021-04-06 CVE-2021-27900 Missing Authorization vulnerability in Proofpoint Insider Threat Management
The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) is missing an authorization check on several pages in the Web Console.
network
low complexity
proofpoint CWE-862
8.1
2021-04-06 CVE-2021-27899 Improper Certificate Validation vulnerability in Proofpoint Insider Threat Management
The Proofpoint Insider Threat Management Agents (formerly ObserveIT Agent) for MacOS and Linux perform improper validation of the ITM Server's certificate, which enables a remote attacker to intercept and alter these communications using a man-in-the-middle attack.
network
high complexity
proofpoint CWE-295
7.4
2021-04-06 CVE-2021-22158 XXE vulnerability in Proofpoint Insider Threat Management
The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) is vulnerable to XML external entity (XXE) injection in the Web Console.
network
low complexity
proofpoint CWE-611
7.2
2021-01-26 CVE-2021-22159 Missing Authentication for Critical Function vulnerability in Proofpoint Insider Threat Management
Insider Threat Management Windows Agent Local Privilege Escalation Vulnerability The Proofpoint Insider Threat Management (formerly ObserveIT) Agent for Windows before 7.4.3, 7.5.4, 7.6.5, 7.7.5, 7.8.4, 7.9.3, 7.10.2, and 7.11.0.25 as well as versions 7.3 and earlier is missing authentication for a critical function, which allows a local authenticated Windows user to run arbitrary commands with the privileges of the Windows SYSTEM user.
local
low complexity
proofpoint CWE-306
7.8
2021-01-06 CVE-2020-8884 Deserialization of Untrusted Data vulnerability in Proofpoint Insider Threat Management
rcdsvc in the Proofpoint Insider Threat Management Windows Agent (formerly ObserveIT Windows Agent) before 7.9 allows remote authenticated users to execute arbitrary code as SYSTEM because of improper deserialization over named pipes.
network
low complexity
proofpoint CWE-502
8.8