CVE-2023-4801 HIGH

CVE-2023-4801: ITM MacOS Agent Improper Certificate Validation

Vendor Proofpoint
Product Insider Threat Management
Weakness CWE-295
Published September 13, 2023
Last update September 25, 2024

CVSS base score

7.5/10
Attack vector Adjacent
Attack complexity High
Privileges required None
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

An improper certification validation vulnerability in the Insider Threat Management (ITM) Agent for MacOS could be used by an anonymous actor on an adjacent network to establish a man-in-the-middle position between the agent and the ITM server after the agent has registered. All versions prior to 7.14.3.69 are affected. Agents for Windows, Linux, and Cloud are unaffected.

Key dates

02Disclosure timeline

September 13, 2023 CVE published
September 25, 2024 Record updated