A missing authorization check in multiple URL validation endpoints of the Insider Threat Management Server enables an anonymous attacker on an adjacent network to smuggle content via DNS lookups. All versions before 7.14.3 are affected.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: Proofpoint
Published: 2023-06-27T14:32:26.673Z
Updated: 2024-08-02T16:37:40.673Z
Reserved: 2023-06-20T20:19:49.399Z
Link: CVE-2023-36002
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2023-06-27T15:15:11.187
Modified: 2023-07-06T16:02:22.573
Link: CVE-2023-36002
Redhat
No data.