Command Injection in Proofpoint Enterprise Protection

#VU70532 Command Injection in Proofpoint Enterprise Protection

Published: 2022-12-28

Vulnerability identifier: #VU70532

Vulnerability risk: Low

CVSSv3.1: 6.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-46333

CWE-ID: CWE-77

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Proofpoint Enterprise Protection
Server applications / DLP, anti-spam, sniffers

Vendor:

Description

The vulnerability allows a remote administrator to execute arbitrary OS commands.

The vulnerability exists due to insecure usage of perl eval() function within the administrative user interface. A remote authenticated administrator can execute arbitrary OS commands on the system.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

External links
http://www.proofpoint.com/security/security-advisories/pfpt-sa-2022-0003

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in Proofpoint Enterprise Protection