ITM Windows Agent Insecure Filesystem Permissions
CVE-2023-2818

5.5MEDIUM

Key Information:

Vendor: Proofpoint
Status: Insider Threat Management
Vendor: CVE Published:; 27 June 2023

Summary

An insecure filesystem permission in the Insider Threat Management Agent for Windows enables local unprivileged users to disrupt agent monitoring. All versions prior to 7.14.3 are affected. Agents for MacOS and Linux and Cloud are unaffected.

Affected Version(s)

Insider Threat Management Windows 0 < 7.14.3

References

https://www.proofpoint.com/us/security/security-advisorie...

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jun 27, 2023
Vulnerability Reserved
May 19, 2023