CVE-2021-27899
CVE-2021-27899 is a high-severity vulnerability rated 7.4/10 on the CVSS scale. The Proofpoint Insider Threat Management Agents (formerly ObserveIT Agent) for MacOS and Linux perform improper validation of the ITM Server's certificate, which enables a remote attacker to intercept and alter these communications using a man-in-the-middle attack. All versions before 7.11.1 are affected. EPSS estimates a 0.64% chance of exploitation in the next 30 days.
Description
The Proofpoint Insider Threat Management Agents (formerly ObserveIT Agent) for MacOS and Linux perform improper validation of the ITM Server's certificate, which enables a remote attacker to intercept and alter these communications using a man-in-the-middle attack. All versions before 7.11.1 are affected. Agents for Windows and Cloud are not affected.
Metrics
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Proofpoint | Insider Threat Management | >= 7.9.0, < 7.9.3 |
| Proofpoint | Insider Threat Management | >= 7.10.0, < 7.10.3 |
| Proofpoint | Insider Threat Management | >= 7.11.0, < 7.11.1 |
Source: NVD / NIST
