CVE-2023-2818: ITM Windows Agent Insecure Filesystem Permissions
First published: Tue Jun 27 2023(Updated: )
An insecure filesystem permission in the Insider Threat Management Agent for Windows enables local unprivileged users to disrupt agent monitoring. All versions prior to 7.14.3 are affected. Agents for MacOS and Linux and Cloud are unaffected.
Credit: security@proofpoint.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Proofpoint Insider Threat Management | <7.14.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2023-2818.
What is the title of this vulnerability?
The title of this vulnerability is 'An insecure filesystem permission in the Insider Threat Management Agent for Windows enables local unprivileged users to disrupt agent monitoring.'
What is the affected software?
The affected software is the Insider Threat Management Agent for Windows, all versions prior to 7.14.3.
What is the severity of this vulnerability?
The severity of this vulnerability is medium with a severity value of 5.5.
How can I fix this vulnerability?
To fix this vulnerability, update the Insider Threat Management Agent for Windows to version 7.14.3 or later.
- agent/type
- agent/softwarecombine
- agent/references
- agent/author
- agent/severity
- agent/title
- agent/weakness
- agent/first-publish-date
- agent/description
- agent/event
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/proofpoint
- canonical/proofpoint insider threat management