CVE-2023-4801

An improper certification validation vulnerability in the Insider Threat Management (ITM) Agent for MacOS could be used by an anonymous actor on an adjacent network to establish a man-in-the-middle position between the agent and the ITM server after the agent has registered. All versions prior to 7.14.3.69 are affected. Agents for Windows, Linux, and Cloud are unaffected.
Configurations

Configuration 1 (hide)

cpe:2.3:a:proofpoint:insider_threat_management:*:*:*:*:*:macos:*:*

History

21 Nov 2024, 08:35

Type Values Removed Values Added
References () https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2023-006 - Broken Link () https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2023-006 - Broken Link

15 Sep 2023, 19:06

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.5
CPE cpe:2.3:a:proofpoint:insider_threat_management:*:*:*:*:*:macos:*:*
References
  • (MISC) https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2023-0006 - Vendor Advisory
References (MISC) https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2023-006 - (MISC) https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2023-006 - Broken Link
CWE CWE-295
First Time Proofpoint insider Threat Management
Proofpoint

13 Sep 2023, 16:34

Type Values Removed Values Added
New CVE

Information

Published : 2023-09-13 16:15

Updated : 2024-11-21 08:35


NVD link : CVE-2023-4801

Mitre link : CVE-2023-4801

CVE.ORG link : CVE-2023-4801


JSON object : View

Products Affected

proofpoint

  • insider_threat_management
CWE
CWE-295

Improper Certificate Validation