cbcvebase.
CVE-2024-0862
published 2024-05-14

CVE-2024-0862: The Proofpoint Encryption endpoint of Proofpoint Enterprise Protection contains a Server-Side Request Forgery vulnerability that allows an authenticated user…

PriorityP426medium5CVSS 3.1
AVNACLPRLUINSCCLINAN
EPSS
0.19%
9.0th percentile
The Proofpoint Encryption endpoint of Proofpoint Enterprise Protection contains a Server-Side Request Forgery vulnerability that allows an authenticated user to relay HTTP requests from the Protection server to otherwise private network addresses.

Affected

5 ranges
VendorProductVersion rangeFixed in
proofpointenterprise_protection>= 8.18.6 < patch 4868patch 4868
proofpointenterprise_protection>= 8.20.0 < patch 4869patch 4869
proofpointenterprise_protection>= 8.20.2 < patch 4870patch 4870
proofpointenterprise_protection>= 8.20.4 < patch 4871patch 4871
proofpointenterprise_protection>= 8.21.0 < patch 4871patch 4871
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.