CVE-2020-10657

HIGH

Proofpoint Insider Threat Management Server <7.9.1 - Code Injection

Title source: llm

Description

The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) before 7.9.1 contains a vulnerability in the ITM web console's ImportAlertRules feature. The vulnerability allows a remote attacker (with admin or config-admin privileges in the console) to execute arbitrary code with local administrator privileges. The vulnerability is caused by improper deserialization.

References (2)

[Product] https://www.proofpoint.com/us/blog

[Vendor Advisory] https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2020-0003

Scores

CVSS v3 7.2

EPSS 0.0459

EPSS Percentile 89.1%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Classification

CWE

CWE-502

Status published

Affected Products (1)

proofpoint/insider_threat_management_server < 7.9.1

Timeline

Published Jan 06, 2021

Tracked Since Feb 18, 2026