Insider Threat Management
Approved changes feed: RSS · Atom
cpe:2.3:a:proofpoint:insider_threat_management:*:*:*:*:*:windows:*:*
part: a version: * update: *
| Vendor | Proofpoint (a6e799ec-33c1-574b-ba22-45b33dd0559d) |
|---|---|
| Product | Insider Threat Management (b94ea2cb-e817-5078-89e2-dd7b3f4c2fa0) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | windows |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2023-2818 |
vulnerable | 2026-06-08 06:02:43.136082 |
ITM Windows Agent Insecure Filesystem Permissions
MEDIUM (5.5)
An insecure filesystem permission in the Insider Threat Management Agent for Windows enables local unprivileged users to disrupt agent monitoring. All versions prior to 7.14.3 are affected. Agents for MacOS and Linux and Cloud are unaffected.
Published: 2023-06-27T14:29:49.258Z
Updated: 2024-11-07T17:06:01.258Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-25294 |
vulnerable | 2026-06-08 05:41:45.672080 |
Details available
Proofpoint Insider Threat Management Agent for Windows relies on an inherently dangerous function that could enable an unprivileged local Windows user to run arbitrary code with SYSTEM privileges. All versions prior to 7.12.1 are affected. Agents for MacOS and Linux and Cloud are unaffected. Proofpoint has released fixed software version 7.12.1. The fixed software versions are available through the customer support portal.
Published: 2022-03-07T17:54:08.000Z
Updated: 2024-08-03T04:36:06.653Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-22159 |
vulnerable | 2026-06-08 05:29:59.964829 |
Details available
Insider Threat Management Windows Agent Local Privilege Escalation Vulnerability The Proofpoint Insider Threat Management (formerly ObserveIT) Agent for Windows before 7.4.3, 7.5.4, 7.6.5, 7.7.5, 7.8.4, 7.9.3, 7.10.2, and 7.11.0.25 as well as versions 7.3 and earlier is missing authentication for a critical function, which allows a local authenticated Windows user to run arbitrary commands with the privileges of the Windows SYSTEM user. Agents for MacOS, Linux, and ITM Cloud are not affected.
Published: 2021-01-26T19:44:39.000Z
Updated: 2024-08-03T18:37:18.310Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-8884 |
vulnerable | 2026-06-08 05:27:19.900297 |
Details available
rcdsvc in the Proofpoint Insider Threat Management Windows Agent (formerly ObserveIT Windows Agent) before 7.9 allows remote authenticated users to execute arbitrary code as SYSTEM because of improper deserialization over named pipes.
Published: 2021-01-06T13:42:22.000Z
Updated: 2024-08-04T10:12:10.986Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.