Threat Response Auto Pull

Submit a proposal Propose CVE/GCVE/GHSA reference

Approved changes feed: RSS · Atom

cpe:2.3:a:proofpoint:threat_response_auto_pull:*:*:*:*:*:*:*:*

part: a version: * update: *

VendorProofpoint (a6e799ec-33c1-574b-ba22-45b33dd0559d)
ProductThreat Response Auto Pull (1bfc8635-f575-5beb-86ac-405c579cf677)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2023-2820 vulnerable 2026-06-08 06:02:43.137903 Details available
MEDIUM (6.1)
An information disclosure vulnerability in the faye endpoint in Proofpoint Threat Response / Threat Response Auto-Pull (PTR/TRAP) could be used by an attacker on an adjacent network to obtain credentials to integrated services via a man-in-the-middle position or cryptanalysis of the session traffic. An attacker could use these credentials to impersonate PTR/TRAP to these services. All versions prior to 5.10.0 are affected. 
Published: 2023-06-14T21:26:31.248Z
Updated: 2024-12-27T16:53:34.487Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-2819 vulnerable 2026-06-08 06:02:43.137334 Details available
MEDIUM (4.3)
A stored cross-site scripting vulnerability in the Sources UI in Proofpoint Threat Response/ Threat Response Auto Pull (PTR/TRAP) could allow an authenticated administrator on an adjacent network to replace the image file with an arbitrary MIME type.  This could result in arbitrary javascript code execution in an admin context. All versions prior to 5.10.0 are affected.  
Published: 2023-06-14T21:14:38.212Z
Updated: 2024-12-30T14:55:42.337Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.