CVE-2020-10657

The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) before 7.9.1 contains a vulnerability in the ITM web console's ImportAlertRules feature. The vulnerability allows a remote attacker (with admin or config-admin privileges in the console) to execute arbitrary code with local administrator privileges. The vulnerability is caused by improper deserialization.
Configurations

Configuration 1

cpe:2.3:a:proofpoint:insider_threat_management_server:*:*:*:*:*:*:*:*

Information

Published : 2021-01-06 02:15

Updated : 2021-01-08 08:39


NVD link : CVE-2020-10657

Mitre link : CVE-2020-10657

Products Affected
No products.
CWE
CWE-502

Deserialization of Untrusted Data