CVE-2023-36002

low-risk

Published 2023-06-27

A missing authorization check in multiple URL validation endpoints of the Insider Threat Management Server enables an anonymous attacker on an adjacent network to smuggle content via DNS lookups. All versions before 7.14.3 are affected.

Do I need to act?

0.07% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 4.3/10 Medium

ADJACENT_NETWORK / LOW complexity

Affected Products (1)

Insider Threat Management Server

Affected Vendors

Proofpoint

References (3)

Not Applicable https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2023-005

Vendor Advisory https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2023-0004

Not Applicable https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2023-005

/ 100

low-risk

Severity 15/34 · Moderate

Exploitability 0/34 · Minimal

Exposure 5/34 · Minimal