Описание
The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) before 7.9.1 contains a vulnerability in the ITM application server's WriteImage API. The vulnerability allows an anonymous remote attacker to execute arbitrary code with local administrator privileges. The vulnerability is caused by improper deserialization.
Уязвимые конфигурации
Конфигурация 1Версия до 7.9.1 (исключая)
cpe:2.3:a:proofpoint:insider_threat_management_server:*:*:*:*:*:*:*:*
EPSS
Процентиль: 91%
0.06601
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-502
Связанные уязвимости
github
больше 3 лет назад
The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) before 7.9.1 contains a vulnerability in the ITM application server's WriteImage API. The vulnerability allows an anonymous remote attacker to execute arbitrary code with local administrator privileges. The vulnerability is caused by improper deserialization.
EPSS
Процентиль: 91%
0.06601
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-502