Strix
26.1K

CVE-2021-22158

HIGHCVSS 7.2/10EPSS 0.62%

Last modified

CVE-2021-22158 is a high-severity vulnerability rated 7.2/10 on the CVSS scale. The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) is vulnerable to XML external entity (XXE) injection in the Web Console. The vulnerability requires admin user privileges and knowledge of the XML file's encryption key to successfully exploit. EPSS estimates a 0.62% chance of exploitation in the next 30 days.

Description

The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) is vulnerable to XML external entity (XXE) injection in the Web Console. The vulnerability requires admin user privileges and knowledge of the XML file's encryption key to successfully exploit. All versions before 7.11 are affected.

Metrics

CVSS 3.1
7.2/10

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

EPSS Probability
0.62%

45.2th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
ProofpointInsider Threat Management>= 7.9.0, < 7.9.3
ProofpointInsider Threat Management>= 7.10.0, < 7.10.3
ProofpointInsider Threat Management>= 7.11.0, < 7.11.1

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2021-22158?
The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) is vulnerable to XML external entity (XXE) injection in the Web Console. The vulnerability requires admin user privileges and knowledge of the XML file's encryption key to successfully exploit. All versions before 7.11 are affected.
How severe is CVE-2021-22158?
CVE-2021-22158 has a CVSS score of 7.2/10 (HIGH severity). The EPSS model estimates a 0.62% probability of exploitation in the next 30 days.
How do I fix CVE-2021-22158?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2021-22158?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST