Vulnerabilities > Proofpoint > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-06-14 CVE-2023-2820 Exposure of Resource to Wrong Sphere vulnerability in Proofpoint Threat Response Auto Pull
An information disclosure vulnerability in the faye endpoint in Proofpoint Threat Response / Threat Response Auto-Pull (PTR/TRAP) could be used by an attacker on an adjacent network to obtain credentials to integrated services via a man-in-the-middle position or cryptanalysis of the session traffic.
high complexity
proofpoint CWE-668
6.8
2022-11-17 CVE-2021-31608 Unspecified vulnerability in Proofpoint Enterprise Protection
Proofpoint Enterprise Protection before 18.8.0 allows a Bypass of a Security Control.
network
low complexity
proofpoint
4.3
2021-05-07 CVE-2020-14009 Improper Validation of Integrity Check Value vulnerability in Proofpoint Enterprise Protection 8.14.0/8.14.2
Proofpoint Enterprise Protection (PPS/PoD) before 8.16.4 contains a vulnerability that could allow an attacker to deliver an email message with a malicious attachment that bypasses scanning and file-blocking rules.
network
low complexity
proofpoint CWE-354
6.3
2021-04-06 CVE-2021-22157 Cross-site Scripting vulnerability in Proofpoint Insider Threat Management
Proofpoint Insider Threat Management Server (formerly ObserveIT Server) before 7.11.1 allows stored XSS.
network
low complexity
proofpoint CWE-79
6.1