Authentication Bypass in Insider Threat Management Server from Proofpoint
CVE-2025-8558

2.3LOW

Key Information:

Vendor: Proofpoint
Status: Insider Threat Management (itm) Server
Vendor: CVE Published:; 3 November 2025

What is CVE-2025-8558?

The Insider Threat Management Server from Proofpoint has a vulnerability that allows unauthenticated users on an adjacent network to bypass authentication. This exploitation enables malicious actors to unregister agents when the number of registered agents exceeds the licensed limit. This results in a denial of service, preventing the server from processing new events from those affected agents, leading to a significant compromise of the system's integrity and availability while confidentiality remains intact.

Affected Version(s)

Insider Threat Management (ITM) Server 0 < 7.17.2

References

https://www.proofpoint.com/us/security/security-advisorie...

CVSS V4

Score:

2.3

Severity:

LOW

Confidentiality:

None

Integrity:

Low

Availability:

Low

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 3, 2025
Vulnerability Reserved
Aug 4, 2025

JSON