Proofpoint Insider Threat Management Server 7.12.0
Approved changes feed: RSS · Atom
cpe:2.3:a:proofpoint:insider_threat_management_server:7.12.0:*:*:*:*:*:*:*
part: a version: 7.12.0 update: *
| Vendor | Proofpoint (a6e799ec-33c1-574b-ba22-45b33dd0559d) |
|---|---|
| Product | Insider Threat Management Server (9163a8a3-e844-5acd-bf44-abd1fb58c07d) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2021-40842 |
vulnerable | 2026-06-08 05:35:19.143600 |
Details available
Proofpoint Insider Threat Management Server contains a SQL injection vulnerability in the Web Console. The vulnerability exists due to improper input validation on the database name parameter required in certain unauthenticated APIs. A malicious URL visited by anyone with network access to the server could be used to blindly execute arbitrary SQL statements on the backend database. Version 7.12.0 and all versions prior to 7.11.2 are affected.
Published: 2021-10-13T17:17:01.000Z
Updated: 2024-08-04T02:51:07.485Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.