The Proofpoint Insider Threat Management Agents (formerly ObserveIT Agent) for MacOS and Linux perform improper validation of the ITM Servers certificate, which enables a remote attacker to intercept and alter these communications using a man-in-the-middle attack. All versions before 7.11.1 are affected. Agents for Windows and Cloud are not affected.
The product does not validate, or incorrectly validates, a certificate.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Insider_threat_management | Proofpoint | 7.9.0 (including) | 7.9.3 (excluding) |
Insider_threat_management | Proofpoint | 7.10.0 (including) | 7.10.3 (excluding) |
Insider_threat_management | Proofpoint | 7.11.0 (including) | 7.11.1 (excluding) |