PT-2021-22976 · Proofpoint · Proofpoint Insider Threat Management Server

Published: 2021-10-13 · Updated: 2021-10-19 · CVE-2021-40843

CVSS v3.1: 7.3 (High)

Vector: AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Proofpoint Insider Threat Management Server versions prior to 7.11.2

Description: The issue is an unsafe deserialization vulnerability in the Web Console of the Proofpoint Insider Threat Management Server. An attacker with write access to the local database could execute arbitrary code with SYSTEM privileges on the underlying server when a Web Console user triggers the retrieval of that data. The vulnerability can be exploited remotely if chained with a SQL injection vulnerability and Web Console users click on maliciously crafted URLs.

Recommendations: For versions prior to 7.11.2, update to version 7.11.2 or later to resolve the issue. As a temporary workaround, restrict access to the Web Console and limit write access to the local database to reduce the risk of exploitation. Additionally, Web Console users should avoid clicking on suspicious or crafted URLs, since remote exploitation requires that user interaction (UI:R in the vector above).

Weakness Enumeration

Deserialization of Untrusted Data

Related Identifiers

CVE-2021-40843

Affected Products

Proofpoint Insider Threat Management Server