Security Control Bypass in Proofpoint Spam Engine
CVE-2021-34814

7.5HIGH

Key Information:

Vendor: Proofpoint
Status: Spam Engine
Vendor: CVE Published:; 13 October 2021

Summary

The Proofpoint Spam Engine prior to version 8.12.0-2106240000 is susceptible to a security control bypass vulnerability. This flaw allows attackers to exploit certain weaknesses in the security mechanisms, potentially leading to unauthorized access or manipulation of the email security service. It is critical for organizations using this software to apply the latest updates to mitigate the risk posed by this vulnerability.

References

https://www.proofpoint.com/us/security/security-advisories

x_refsource_MISC

https://www.proofpoint.com/us/security/security-advisorie...

x_refsource_MISC

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 13, 2021
Vulnerability Reserved
Jun 16, 2021