CVE-2021-22158

Published: Apr 6, 2021Modified: Nov 21, 2024

7.2

Vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.2 / Impact: 5.9

Source: NVD

Description

The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) is vulnerable to XML external entity (XXE) injection in the Web Console. The vulnerability requires admin user privileges and knowledge of the XML file's encryption key to successfully exploit. All versions before 7.11 are affected.

Affected (3)

Products: Proofpoint: Insider Threat Management

Proofpoint

1 product

Insider Threat Management

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Proofpoint Insider Threat Management	From 7.10.0 to 7.10.3
Proofpoint Insider Threat Management	From 7.11.0 to 7.11.1
Proofpoint Insider Threat Management	From 7.9.0 to 7.9.3

Related CWEs

CWE-611

Improper Restriction of XML External Entity Reference

The product processes an XML document that can contain XML entities with URIs that resolve to documents outside of the intended sphere of control, causing the product to embed incorrect documents into its output.

References (2)

https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2021-0003

Source: cve@mitre.org

Vendor Advisory

https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2021-0003

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.