#VU70532 Command Injection in Proofpoint Enterprise Protection - CVE-2022-46333

Cybersecurity Help s.r.o.

Published: 2022-12-28

Vulnerability identifier: #VU70532

Vulnerability risk: Low

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-46333

CWE-ID: CWE-77

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Proofpoint Enterprise Protection
Server applications / DLP, anti-spam, sniffers

Vendor: Proofpoint

Description

The vulnerability allows a remote administrator to execute arbitrary OS commands.

The vulnerability exists due to insecure usage of perl eval() function within the administrative user interface. A remote authenticated administrator can execute arbitrary OS commands on the system.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Proofpoint Enterprise Protection: before 8.13.22

External links
https://www.proofpoint.com/security/security-advisories/pfpt-sa-2022-0003

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in Proofpoint Enterprise Protection