CVE-2023-5770 - OpenCVE

Proofpoint Enterprise Protection contains a vulnerability in the email delivery agent that allows an unauthenticated attacker to inject improperly encoded HTML into the email body of a message through the email subject. The vulnerability is caused by inappropriate encoding when rewriting the email before delivery.This issue affects Proofpoint Enterprise Protection: from 8.20.2 before patch 4809, from 8.20.0 before patch 4805, from 8.18.6 before patch 4804 and all other prior versions.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Proofpoint	Enterprise Protection

Configuration 1 [-]

OR	cpe:2.3:a:proofpoint:enterprise_protection:8.18.6:::::::*
	cpe:2.3:a:proofpoint:enterprise_protection:8.20.0:::::::*
	cpe:2.3:a:proofpoint:enterprise_protection:8.20.2:::::::*

References

Link	Resource
https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2023-0009	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: Proofpoint

Published: 2024-01-09T22:02:03.839Z

Updated: 2024-01-09T22:02:03.839Z

Reserved: 2023-10-25T17:57:53.751Z

Link: CVE-2023-5770

JSON object: View

NVD Information

Status : Analyzed

Published: 2024-01-09T22:15:43.400

Modified: 2024-01-18T15:54:37.647

Link: CVE-2023-5770

JSON object: View

Redhat Information

No data.

CWE

CWE-838

{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"cveId": "CVE-2023-5770", "assignerOrgId": "d83a79dd-e128-4b83-8b64-84faf54eed46", "state": "PUBLISHED", "assignerShortName": "Proofpoint", "dateReserved": "2023-10-25T17:57:53.751Z", "datePublished": "2024-01-09T22:02:03.839Z", "dateUpdated": "2024-01-09T22:02:03.839Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "affected", "modules": ["Email Delivery Agent"], "product": "Proofpoint Enterprise Protection", "vendor": "Proofpoint", "versions": [{"changes": [{"at": "patch 4809", "status": "unaffected"}], "lessThan": "patch 4809", "status": "affected", "version": "8.20.2", "versionType": "semver"}, {"changes": [{"at": "patch 4805", "status": "unaffected"}], "lessThan": "patch 4805", "status": "affected", "version": "8.20.0", "versionType": "semver"}, {"changes": [{"at": "patch 4804", "status": "unaffected"}], "lessThan": "patch 4804", "status": "affected", "version": "8.18.6", "versionType": "semver"}, {"lessThan": "8.18.6", "status": "affected", "version": "8.0", "versionType": "semver"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">Proofpoint Enterprise Protection contains a vulnerability in the email delivery agent that allows an unauthenticated attacker to inject improperly encoded HTML into the email body of a message through the email subject. The vulnerability is caused by inappropriate encoding when rewriting the email before delivery.</span><p>This issue affects Proofpoint Enterprise Protection: from 8.20.2 before patch 4809, from 8.20.0 before patch 4805, from 8.18.6 before patch 4804 and all other prior versions.</p>"}], "value": "Proofpoint Enterprise Protection contains a vulnerability in the email delivery agent that allows an unauthenticated attacker to inject improperly encoded HTML into the email body of a message through the email subject. The vulnerability is caused by inappropriate encoding when rewriting the email before delivery.This issue affects Proofpoint Enterprise Protection: from 8.20.2 before patch 4809, from 8.20.0 before patch 4805, from 8.18.6 before patch 4804 and all other prior versions.\n\n"}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-838", "description": "CWE-838 Inappropriate Encoding for Output Context", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "d83a79dd-e128-4b83-8b64-84faf54eed46", "shortName": "Proofpoint", "dateUpdated": "2024-01-09T22:02:03.839Z"}, "references": [{"url": "https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2023-0009"}], "source": {"discovery": "UNKNOWN"}, "title": "HTML injection in email body through email subject", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:proofpoint:enterprise_protection:8.18.6:*:*:*:*:*:*:*", "matchCriteriaId": "7E481ED5-1AC8-4FEA-9169-17CDE7AB93DA", "vulnerable": true}, {"criteria": "cpe:2.3:a:proofpoint:enterprise_protection:8.20.0:*:*:*:*:*:*:*", "matchCriteriaId": "83C899EC-C3E7-4D34-8362-DEB40F16AD09", "vulnerable": true}, {"criteria": "cpe:2.3:a:proofpoint:enterprise_protection:8.20.2:*:*:*:*:*:*:*", "matchCriteriaId": "C22954AF-4D4E-4C9D-868A-62091BD57CC7", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Proofpoint Enterprise Protection contains a vulnerability in the email delivery agent that allows an unauthenticated attacker to inject improperly encoded HTML into the email body of a message through the email subject. The vulnerability is caused by inappropriate encoding when rewriting the email before delivery.This issue affects Proofpoint Enterprise Protection: from 8.20.2 before patch 4809, from 8.20.0 before patch 4805, from 8.18.6 before patch 4804 and all other prior versions.\n\n"}, {"lang": "es", "value": "Proofpoint Enterprise Protection contiene una vulnerabilidad en el agente de entrega de correo electr\u00f3nico que permite a un atacante no autenticado inyectar HTML codificado incorrectamente en el cuerpo de un mensaje de correo electr\u00f3nico a trav\u00e9s del asunto del correo electr\u00f3nico. La vulnerabilidad se debe a una codificaci\u00f3n inadecuada al reescribir el correo electr\u00f3nico antes de la entrega. Este problema afecta a Proofpoint Enterprise Protection: desde 8.20.2 antes del parche 4809, desde 8.20.0 antes del parche 4805, desde 8.18.6 antes del parche 4804 y todas las dem\u00e1s versiones anteriores."}], "id": "CVE-2023-5770", "lastModified": "2024-01-18T15:54:37.647", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 2.5, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "security@proofpoint.com", "type": "Secondary"}]}, "published": "2024-01-09T22:15:43.400", "references": [{"source": "security@proofpoint.com", "tags": ["Vendor Advisory"], "url": "https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2023-0009"}], "sourceIdentifier": "security@proofpoint.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-838"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-838"}], "source": "security@proofpoint.com", "type": "Secondary"}]}