CVE-2019-20634 - OpenCVE

An issue was discovered in Proofpoint Email Protection through 2019-09-08. By collecting scores from Proofpoint email headers, it is possible to build a copy-cat Machine Learning Classification model and extract insights from this model. The insights gathered allow an attacker to craft emails that receive preferable scores, with a goal of delivering malicious emails.

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:M/Au:N/C:P/I:N/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Proofpoint	Email Protection

Configuration 1 [-]

cpe:2.3:a:proofpoint:email_protection:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://github.com/moohax/Proof-Pudding
https://github.com/moohax/Talks/blob/master/slides/DerbyCon19.pdf
https://www.proofpoint.com/us/security/CVE-2019-20634
https://www.proofpoint.com/us/security/security-advisories/pfpt-sn-2020-0001

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2020-03-30T20:50:59

Updated: 2024-08-19T18:04:49.591Z

Reserved: 2020-03-30T00:00:00

Link: CVE-2019-20634

Vulnrichment

No data.

NVD

Status : Modified

Published: 2020-03-30T21:15:12.373

Modified: 2024-08-19T18:15:09.837

Link: CVE-2019-20634

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in Proofpoint Email Protection through 2019-09-08. By collecting scores from Proofpoint email headers, it is possible to build a copy-cat Machine Learning Classification model and extract insights from this model. The insights gathered allow an attacker to craft emails that receive preferable scores, with a goal of delivering malicious emails."}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseSeverity": "LOW", "baseScore": 3.7, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2024-08-19T18:04:49.591Z"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://github.com/moohax/Proof-Pudding"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/moohax/Talks/blob/master/slides/DerbyCon19.pdf"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://www.proofpoint.com/us/security/CVE-2019-20634"}, {"tags": ["x_refsource_MISC"], "url": "https://www.proofpoint.com/us/security/security-advisories/pfpt-sn-2020-0001"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-20634", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An issue was discovered in Proofpoint Email Protection through 2019-09-08. By collecting scores from Proofpoint email headers, it is possible to build a copy-cat Machine Learning Classification model and extract insights from this model. The insights gathered allow an attacker to craft emails that receive preferable scores, with a goal of delivering malicious emails."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://github.com/moohax/Proof-Pudding", "refsource": "MISC", "url": "https://github.com/moohax/Proof-Pudding"}, {"name": "https://github.com/moohax/Talks/blob/master/slides/DerbyCon19.pdf", "refsource": "MISC", "url": "https://github.com/moohax/Talks/blob/master/slides/DerbyCon19.pdf"}, {"name": "https://www.proofpoint.com/us/security/CVE-2019-20634", "refsource": "CONFIRM", "url": "https://www.proofpoint.com/us/security/CVE-2019-20634"}, {"name": "https://www.proofpoint.com/us/security/security-advisories/pfpt-sn-2020-0001", "refsource": "MISC", "url": "https://www.proofpoint.com/us/security/security-advisories/pfpt-sn-2020-0001"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T02:46:10.342Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/moohax/Proof-Pudding"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/moohax/Talks/blob/master/slides/DerbyCon19.pdf"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://www.proofpoint.com/us/security/CVE-2019-20634"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.proofpoint.com/us/security/security-advisories/pfpt-sn-2020-0001"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2019-20634", "datePublished": "2020-03-30T20:50:59", "dateReserved": "2020-03-30T00:00:00", "dateUpdated": "2024-08-19T18:04:49.591Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:proofpoint:email_protection:*:*:*:*:*:*:*:*", "matchCriteriaId": "38135AED-BADF-4BCB-9314-320175D5C61A", "versionEndIncluding": "2019-09-08", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "An issue was discovered in Proofpoint Email Protection through 2019-09-08. By collecting scores from Proofpoint email headers, it is possible to build a copy-cat Machine Learning Classification model and extract insights from this model. The insights gathered allow an attacker to craft emails that receive preferable scores, with a goal of delivering malicious emails."}, {"lang": "es", "value": "Se detect\u00f3 un problema en Proofpoint Email Protection hasta el 08-09-2019. Mediante la recopilaci\u00f3n de puntajes de los encabezados de correo electr\u00f3nico de Proofpoint, es posible construir un modelo Machine Learning Classification copy-cat y extraer informaci\u00f3n de este modelo. Los conocimientos capturados permiten a un atacante dise\u00f1ar correos electr\u00f3nicos que reciban puntajes preferenciales, con el prop\u00f3sito de entregar correos electr\u00f3nicos maliciosos."}], "id": "CVE-2019-20634", "lastModified": "2024-08-19T18:15:09.837", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.7, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.7, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 1.4, "source": "cve@mitre.org", "type": "Secondary"}]}, "published": "2020-03-30T21:15:12.373", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://github.com/moohax/Proof-Pudding"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://github.com/moohax/Talks/blob/master/slides/DerbyCon19.pdf"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://www.proofpoint.com/us/security/CVE-2019-20634"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://www.proofpoint.com/us/security/security-advisories/pfpt-sn-2020-0001"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-697"}], "source": "nvd@nist.gov", "type": "Primary"}]}