CVE-2019-20634 - OpenCVE

An issue was discovered in Proofpoint Email Protection through 2019-09-08. By collecting scores from Proofpoint email headers, it is possible to build a copy-cat Machine Learning Classification model and extract insights from this model. The insights gathered allow an attacker to craft emails that receive preferable scores, with a goal of delivering malicious emails.

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:M/Au:N/C:P/I:N/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Proofpoint	Email Protection

Configuration 1 [-]

cpe:2.3:a:proofpoint:email_protection:*:*:*:*:*:*:*:*

References

Link	Resource
https://github.com/moohax/Proof-Pudding	Third Party Advisory
https://github.com/moohax/Talks/blob/master/slides/DerbyCon19.pdf	Third Party Advisory
https://www.proofpoint.com/us/security/CVE-2019-20634	Vendor Advisory
https://www.proofpoint.com/us/security/security-advisories/pfpt-sn-2020-0001	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2020-03-30T20:50:59

Updated: 2020-08-27T14:42:34

Reserved: 2020-03-30T00:00:00

Link: CVE-2019-20634

JSON object: View

NVD Information

Status : Analyzed

Published: 2020-03-30T21:15:12.373

Modified: 2022-04-27T16:40:35.440

Link: CVE-2019-20634

JSON object: View

Redhat Information

No data.

CWE

CWE-697

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in Proofpoint Email Protection through 2019-09-08. By collecting scores from Proofpoint email headers, it is possible to build a copy-cat Machine Learning Classification model and extract insights from this model. The insights gathered allow an attacker to craft emails that receive preferable scores, with a goal of delivering malicious emails."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-08-27T14:42:34", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://github.com/moohax/Proof-Pudding"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/moohax/Talks/blob/master/slides/DerbyCon19.pdf"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://www.proofpoint.com/us/security/CVE-2019-20634"}, {"tags": ["x_refsource_MISC"], "url": "https://www.proofpoint.com/us/security/security-advisories/pfpt-sn-2020-0001"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-20634", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An issue was discovered in Proofpoint Email Protection through 2019-09-08. By collecting scores from Proofpoint email headers, it is possible to build a copy-cat Machine Learning Classification model and extract insights from this model. The insights gathered allow an attacker to craft emails that receive preferable scores, with a goal of delivering malicious emails."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://github.com/moohax/Proof-Pudding", "refsource": "MISC", "url": "https://github.com/moohax/Proof-Pudding"}, {"name": "https://github.com/moohax/Talks/blob/master/slides/DerbyCon19.pdf", "refsource": "MISC", "url": "https://github.com/moohax/Talks/blob/master/slides/DerbyCon19.pdf"}, {"name": "https://www.proofpoint.com/us/security/CVE-2019-20634", "refsource": "CONFIRM", "url": "https://www.proofpoint.com/us/security/CVE-2019-20634"}, {"name": "https://www.proofpoint.com/us/security/security-advisories/pfpt-sn-2020-0001", "refsource": "MISC", "url": "https://www.proofpoint.com/us/security/security-advisories/pfpt-sn-2020-0001"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2019-20634", "datePublished": "2020-03-30T20:50:59", "dateReserved": "2020-03-30T00:00:00", "dateUpdated": "2020-08-27T14:42:34", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:proofpoint:email_protection:*:*:*:*:*:*:*:*", "matchCriteriaId": "38135AED-BADF-4BCB-9314-320175D5C61A", "versionEndIncluding": "2019-09-08", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in Proofpoint Email Protection through 2019-09-08. By collecting scores from Proofpoint email headers, it is possible to build a copy-cat Machine Learning Classification model and extract insights from this model. The insights gathered allow an attacker to craft emails that receive preferable scores, with a goal of delivering malicious emails."}, {"lang": "es", "value": "Se detect\u00f3 un problema en Proofpoint Email Protection hasta el 08-09-2019. Mediante la recopilaci\u00f3n de puntajes de los encabezados de correo electr\u00f3nico de Proofpoint, es posible construir un modelo Machine Learning Classification copy-cat y extraer informaci\u00f3n de este modelo. Los conocimientos capturados permiten a un atacante dise\u00f1ar correos electr\u00f3nicos que reciban puntajes preferenciales, con el prop\u00f3sito de entregar correos electr\u00f3nicos maliciosos."}], "id": "CVE-2019-20634", "lastModified": "2022-04-27T16:40:35.440", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.7, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-03-30T21:15:12.373", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://github.com/moohax/Proof-Pudding"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://github.com/moohax/Talks/blob/master/slides/DerbyCon19.pdf"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://www.proofpoint.com/us/security/CVE-2019-20634"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://www.proofpoint.com/us/security/security-advisories/pfpt-sn-2020-0001"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-697"}], "source": "nvd@nist.gov", "type": "Primary"}]}