Lucene search
ProofpointCVE-2022-46333HistoryDec 06, 2022 - 8:15 p.m.
CVE-2022-46333
2022-12-0620:15:10
CWE-94
Proofpoint
web.nvd.nist.gov
41
cve-2022-46333
proofpoint enterprise protection
pps
pod
command injection
vulnerability
admin interface
security issue
CVSS3
7.2
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
AI Score
7.2
Confidence
High
EPSS
0.001
Percentile
43.3%
The admin user interface in Proofpoint Enterprise Protection (PPS/PoD) contains a command injection vulnerability that enables an admin to execute commands beyond their allowed scope. This affects all versions 8.19.0 and below.
Affected configurations
Node
proofpointenterprise_protectionRange≤8.19.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| proofpoint | enterprise_protection | * | cpe:2.3:a:proofpoint:enterprise_protection:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "enterprise_protection",
"vendor": "proofpoint",
"versions": [
{
"changes": [
{
"at": "8.19.0 patch 4546",
"status": "unaffected"
},
{
"at": "8.18.6 patch 4545",
"status": "unaffected"
},
{
"at": "8.18.4 patch 4544",
"status": "unaffected"
},
{
"at": "8.13.22 patch 4543",
"status": "unaffected"
}
],
"lessThanOrEqual": "8.19.0",
"status": "affected",
"version": "8.*",
"versionType": "semver"
}
]
}
]Related
prion
prion
Command injection
2022-12-06 20:15:00
cvelist
cvelist
nvd
nvd
CVE-2022-46333
2022-12-06 20:15:10
CVSS3
7.2
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
AI Score
7.2
Confidence
High
EPSS
0.001
Percentile
43.3%
Related for CVE-2022-46333