Email Security Vulnerability in Proofpoint Enterprise Protection by Proofpoint
CVE-2020-14009

6.3MEDIUM

Key Information:

Vendor
Proofpoint
Status
Enterprise Protection
Vendor
CVE Published:
7 May 2021

Summary

A vulnerability exists in Proofpoint Enterprise Protection (PPS/PoD) prior to version 8.16.4, which allows attackers to send email messages with specially crafted multipart structures. This flaw can result in the bypassing of essential email scanning and file-blocking mechanisms, potentially exposing users to malicious attachments that are not properly detected or filtered. Organizations using affected versions are encouraged to upgrade promptly to mitigate the risk of exploitation.

References

https://www.proofpoint.com/us/security/security-advisories
x_refsource_MISC
https://www.proofpoint.com/us/security/security-advisorie...
x_refsource_MISC

CVSS V3.1

Score:
6.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2020-14009 : Email Security Vulnerability in Proofpoint Enterprise Protection by Proofpoint | SecurityVulnerability.io