CVE-2025-8558

MEDIUM

Proofpoint Insider Threat Management Server < 7.17.2 - Unauthenticated Agent Unregistration via Adjacent Network

Title source: llm

Description

Insider Threat Management (ITM) Server versions prior to 7.17.2 contain an authentication bypass vulnerability that allows unauthenticated users on an adjacent network to perform agent unregistration when the number of registered agents exceeds the licensed limit. Successful exploitation prevents the server from receiving new events from affected agents, resulting in a partial loss of integrity and availability with no impact to confidentiality.

References (1)

Core 1

Core References

Broken Link

https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2025-003

Scores

CVSS v3 5.4

EPSS 0.0057

EPSS Percentile 42.7%

Attack Vector ADJACENT_NETWORK

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-306

Status published

Products (1)

proofpoint/insider_threat_management_server < 7.17.2

Published Nov 03, 2025

Tracked Since Feb 18, 2026