CVE-2021-40843 - OpenCVE

Proofpoint Insider Threat Management Server contains an unsafe deserialization vulnerability in the Web Console. An attacker with write access to the local database could cause arbitrary code to execute with SYSTEM privileges on the underlying server when a Web Console user triggers retrieval of that data. When chained with a SQL injection vulnerability, the vulnerability could be exploited remotely if Web Console users click a series of maliciously crafted URLs. All versions prior to 7.11.2 are affected.

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

No CVSS v3.0

Access Vector Local

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:L/AC:M/Au:N/C:C/I:C/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Proofpoint	Insider Threat Management Server

Configuration 1 [-]

cpe:2.3:a:proofpoint:insider_threat_management_server:*:*:*:*:*:*:*:*

References

Link	Resource
https://www.proofpoint.com/us/security/security-advisories	Vendor Advisory
https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2021-0009	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2021-10-13T17:10:53

Updated: 2021-10-13T17:10:53

Reserved: 2021-09-10T00:00:00

Link: CVE-2021-40843

JSON object: View

NVD Information

Status : Analyzed

Published: 2021-10-13T18:15:08.053

Modified: 2021-10-19T20:37:44.640

Link: CVE-2021-40843

JSON object: View

Redhat Information

No data.

CWE

CWE-502

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "Proofpoint Insider Threat Management Server contains an unsafe deserialization vulnerability in the Web Console. An attacker with write access to the local database could cause arbitrary code to execute with SYSTEM privileges on the underlying server when a Web Console user triggers retrieval of that data. When chained with a SQL injection vulnerability, the vulnerability could be exploited remotely if Web Console users click a series of maliciously crafted URLs. All versions prior to 7.11.2 are affected."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-10-13T17:10:53", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.proofpoint.com/us/security/security-advisories"}, {"tags": ["x_refsource_MISC"], "url": "https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2021-0009"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2021-40843", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Proofpoint Insider Threat Management Server contains an unsafe deserialization vulnerability in the Web Console. An attacker with write access to the local database could cause arbitrary code to execute with SYSTEM privileges on the underlying server when a Web Console user triggers retrieval of that data. When chained with a SQL injection vulnerability, the vulnerability could be exploited remotely if Web Console users click a series of maliciously crafted URLs. All versions prior to 7.11.2 are affected."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://www.proofpoint.com/us/security/security-advisories", "refsource": "MISC", "url": "https://www.proofpoint.com/us/security/security-advisories"}, {"name": "https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2021-0009", "refsource": "MISC", "url": "https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2021-0009"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2021-40843", "datePublished": "2021-10-13T17:10:53", "dateReserved": "2021-09-10T00:00:00", "dateUpdated": "2021-10-13T17:10:53", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:proofpoint:insider_threat_management_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "C084FE53-559E-4813-80AD-EB212C05CACE", "versionEndExcluding": "7.11.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Proofpoint Insider Threat Management Server contains an unsafe deserialization vulnerability in the Web Console. An attacker with write access to the local database could cause arbitrary code to execute with SYSTEM privileges on the underlying server when a Web Console user triggers retrieval of that data. When chained with a SQL injection vulnerability, the vulnerability could be exploited remotely if Web Console users click a series of maliciously crafted URLs. All versions prior to 7.11.2 are affected."}, {"lang": "es", "value": "Proofpoint Insider Threat Management Server contiene una vulnerabilidad de deserializaci\u00f3n no segura en la consola web. Un atacante con acceso de escritura a la base de datos local podr\u00eda causar la ejecuci\u00f3n de c\u00f3digo arbitrario con privilegios SYSTEM en el servidor subyacente cuando un usuario de la Consola Web desencadena la recuperaci\u00f3n de esos datos. Cuando se encadena con una vulnerabilidad de inyecci\u00f3n SQL, la vulnerabilidad podr\u00eda ser explotada remotamente si usuarios de la Consola Web hacen clic en una serie de URLs maliciosamente dise\u00f1adas. Todas las versiones anteriores a 7.11.2 est\u00e1n afectadas"}], "id": "CVE-2021-40843", "lastModified": "2021-10-19T20:37:44.640", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 6.9, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.4, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.3, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-10-13T18:15:08.053", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://www.proofpoint.com/us/security/security-advisories"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2021-0009"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-502"}], "source": "nvd@nist.gov", "type": "Primary"}]}