Proofpoint

Enterprise Protection

15 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.3

CVE-2024-10635

  • EPSS 0.13%
  • Veröffentlicht 28.04.2025 20:36:43
  • Zuletzt bearbeitet 06.10.2025 21:15:32

Enterprise Protection contains an improper input validation vulnerability in attachment defense that allows an unauthenticated remote attacker to bypass attachment scanning security policy by sending a malicious S/MIME attachment with an opaque signa...

5.8

CVE-2025-0431

  • EPSS 0.07%
  • Veröffentlicht 19.03.2025 16:18:23
  • Zuletzt bearbeitet 19.03.2025 17:15:41

Enterprise Protection contains a vulnerability in URL rewriting that allows an unauthenticated remote attacker to send an email which bypasses URL protections impacting the integrity of recipient's email. This occurs due to improper filtering of bac...

7.5

CVE-2024-3676

  • EPSS 0.49%
  • Veröffentlicht 14.05.2024 19:15:12
  • Zuletzt bearbeitet 21.11.2024 09:30:09

The Proofpoint Encryption endpoint of Proofpoint Enterprise Protection contains an Improper Input Validation vulnerability that allows an unauthenticated remote attacker with a specially crafted HTTP request to create additional Encryption user accou...

5

CVE-2024-0862

  • EPSS 0.22%
  • Veröffentlicht 14.05.2024 19:15:08
  • Zuletzt bearbeitet 21.11.2024 08:47:31

The Proofpoint Encryption endpoint of Proofpoint Enterprise Protection contains a Server-Side Request Forgery vulnerability that allows an authenticated user to relay HTTP requests from the Protection server to otherwise private network addresses.

5.4

CVE-2023-5770

  • EPSS 0.22%
  • Veröffentlicht 09.01.2024 22:15:43
  • Zuletzt bearbeitet 21.11.2024 08:42:27

Proofpoint Enterprise Protection contains a vulnerability in the email delivery agent that allows an unauthenticated attacker to inject improperly encoded HTML into the email body of a message through the email subject. The vulnerability is caused b...

6.1

CVE-2023-5771

  • EPSS 0.15%
  • Veröffentlicht 06.11.2023 21:15:10
  • Zuletzt bearbeitet 21.11.2024 08:42:27

Proofpoint Enterprise Protection contains a stored XSS vulnerability in the AdminUI. An unauthenticated attacker can send a specially crafted email with HTML in the subject which triggers XSS when viewing quarantined messages.  This issue affects Pro...

8.8

CVE-2023-0089

  • EPSS 0.46%
  • Veröffentlicht 08.03.2023 01:15:10
  • Zuletzt bearbeitet 21.11.2024 07:36:31

The webutils in Proofpoint Enterprise Protection (PPS/POD) contain a vulnerability that allows an authenticated user to execute remote code through 'eval injection'. This affects all versions 8.20.0 and below.

9.8

CVE-2023-0090

  • EPSS 0.44%
  • Veröffentlicht 08.03.2023 01:15:10
  • Zuletzt bearbeitet 21.11.2024 07:36:32

The webservices in Proofpoint Enterprise Protection (PPS/POD) contain a vulnerability that allows for an anonymous user to execute remote code through 'eval injection'. Exploitation requires network access to the webservices API, but such access is ...

7.8

CVE-2022-46334

  • EPSS 0.03%
  • Veröffentlicht 21.12.2022 21:15:09
  • Zuletzt bearbeitet 21.11.2024 07:30:24

Proofpoint Enterprise Protection (PPS/PoD) contains a vulnerability which allows the pps user to escalate to root privileges due to unnecessary permissions. This affects all versions 8.19.0 and below.

9.6

CVE-2022-46332

  • EPSS 0.82%
  • Veröffentlicht 06.12.2022 20:15:10
  • Zuletzt bearbeitet 21.11.2024 07:30:24

The Admin Smart Search feature in Proofpoint Enterprise Protection (PPS/PoD) contains a stored cross-site scripting vulnerability that enables an anonymous email sender to gain admin privileges within the user interface. This affects all versions 8....