CVE-2023-36002
ITM Server Missing Authorization for URL validation
A missing authorization check in multiple URL validation endpoints of the Insider Threat Management Server enables an anonymous attacker on an adjacent network to smuggle content via DNS lookups. All versions before 7.14.3 are affected.
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Affected products
Proofpoint · Insider Threat ManagementWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →