The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) before 7.9.1 contains a vulnerability in the ITM web console's ImportAlertRules feature. The vulnerability allows a remote attacker (with admin or config-admin privileges in the console) to execute arbitrary code with local administrator privileges. The vulnerability is caused by improper deserialization.
References
Link | Resource |
---|---|
https://www.proofpoint.com/us/blog | Product |
https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2020-0003 | Vendor Advisory |
History
08 Jan 2021, 20:39
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-502 | |
CPE | cpe:2.3:a:proofpoint:insider_threat_management_server:*:*:*:*:*:*:*:* | |
CVSS | v2 : v3 : | v2 : 6.5 v3 : 7.2 |
References | (MISC) https://www.proofpoint.com/us/blog - Product | |
References | (CONFIRM) https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2020-0003 - Vendor Advisory |
06 Jan 2021, 14:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-01-06 14:15
Updated : 2023-12-10 13:41
NVD link : CVE-2020-10657
Mitre link : CVE-2020-10657
CVE.ORG link : CVE-2020-10657
Products Affected
proofpoint
- insider_threat_management_server
CWE
CWE-502
Deserialization of Untrusted Data