XML External Entity Injection Vulnerability in Proofpoint Insider Threat Management Server
CVE-2021-22158

7.2HIGH

Key Information:

Vendor: Proofpoint
Status: Insider Threat Management
Vendor: CVE Published:; 6 April 2021

What is CVE-2021-22158?

The Proofpoint Insider Threat Management Server, previously known as ObserveIT Server, is susceptible to an XML external entity (XXE) injection vulnerability within its Web Console. This vulnerability necessitates that an attacker possess admin user privileges and be aware of the encryption key for the XML file to execute a successful exploitation. All versions released before 7.11 are impacted, allowing potential unauthorized access and manipulation of sensitive data.

References

https://www.proofpoint.com/us/security/security-advisorie...

x_refsource_CONFIRM

CVSS V3.1

Score:

7.2

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 6, 2021
Vulnerability Reserved
Jan 4, 2021