{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "rcdsvc in the Proofpoint Insider Threat Management Windows Agent (formerly ObserveIT Windows Agent) before 7.9 allows remote authenticated users to execute arbitrary code as SYSTEM because of improper deserialization over named pipes."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-01-06T13:42:22", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.proofpoint.com/us/blog"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2020-0002"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2020-8884", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "rcdsvc in the Proofpoint Insider Threat Management Windows Agent (formerly ObserveIT Windows Agent) before 7.9 allows remote authenticated users to execute arbitrary code as SYSTEM because of improper deserialization over named pipes."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://www.proofpoint.com/us/blog", "refsource": "MISC", "url": "https://www.proofpoint.com/us/blog"}, {"name": "https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2020-0002", "refsource": "CONFIRM", "url": "https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2020-0002"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2020-8884", "datePublished": "2021-01-06T13:42:22", "dateReserved": "2020-02-11T00:00:00", "dateUpdated": "2021-01-06T13:42:22", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:proofpoint:insider_threat_management:*:*:*:*:*:windows:*:*", "matchCriteriaId": "7555EFF6-7B9D-48EC-BCF4-A7F51769E1E4", "versionEndExcluding": "7.4.2", "versionStartIncluding": "6.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:proofpoint:insider_threat_management:*:*:*:*:*:windows:*:*", "matchCriteriaId": "533604AC-2B70-4FE3-AE51-097EE611FD73", "versionEndExcluding": "7.5.3", "versionStartIncluding": "7.5.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:proofpoint:insider_threat_management:*:*:*:*:*:windows:*:*", "matchCriteriaId": "EF744303-BBC8-4D9E-B11A-BFB33D071A04", "versionEndExcluding": "7.6.4", "versionStartIncluding": "7.6.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:proofpoint:insider_threat_management:*:*:*:*:*:windows:*:*", "matchCriteriaId": "39B3E59B-3DED-4F01-8B0A-7DB79585FBC5", "versionEndExcluding": "7.7.4", "versionStartIncluding": "7.7.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:proofpoint:insider_threat_management:*:*:*:*:*:windows:*:*", "matchCriteriaId": "EFEABC1C-8420-444E-99FD-2390D0E0ABF6", "versionEndExcluding": "7.8.3", "versionStartIncluding": "7.8.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "rcdsvc in the Proofpoint Insider Threat Management Windows Agent (formerly ObserveIT Windows Agent) before 7.9 allows remote authenticated users to execute arbitrary code as SYSTEM because of improper deserialization over named pipes."}, {"lang": "es", "value": "rcdsvc en el Proofpoint Insider Threat Management Windows Agent (anteriormente ObserveIT Windows Agent) versiones anteriores a 7.9, permite a los usuarios autenticados remotamente ejecutar c\u00f3digo arbitrario como SYSTEM debido a una deserializaci\u00f3n inapropiada sobre tuber\u00edas nombradas"}], "id": "CVE-2020-8884", "lastModified": "2021-01-13T19:21:05.487", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 9.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-01-06T14:15:13.920", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://www.proofpoint.com/us/blog"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2020-0002"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-502"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}