CVE-2019-20634
low-risk
Published 2020-03-30
An issue was discovered in Proofpoint Email Protection through 2019-09-08. By collecting scores from Proofpoint email headers, it is possible to build a copy-cat Machine Learning Classification model and extract insights from this model. The insights gathered allow an attacker to craft emails that receive preferable scores, with a goal of delivering malicious emails.
Do I need to act?
2.3% chance of exploitation in next 30 days
EPSS score — moderate exploit probability
Not on CISA KEV list
No confirmed active exploitation reported to CISA
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
CVSS 3.7/10 · Low · NETWORK / HIGH complexity
Affected Products (1)
Email Protection
Affected Vendors
References (9)
Third Party Advisory
https://github.com/moohax/Proof-Pudding
Third Party Advisory
https://github.com/moohax/Talks/blob/master/slides/DerbyCon19.pdf
Vendor Advisory
https://www.proofpoint.com/us/security/CVE-2019-20634
23 / 100 · low-risk
Severity: 13/34 · Low
Exploitability: 5/34 · Minimal
Exposure: 5/34 · Minimal