CVE-2023-4801

Name of the Vulnerable Software and Affected Versions Insider Threat Management (ITM) Agent for MacOS versions prior to 7.14.3.69

Description An improper certification validation issue could allow an anonymous actor on an adjacent network to establish a man-in-the-middle position between the agent and the ITM server after the agent has registered. This could impact the confidentiality, integrity, and availability of protected information.

Recommendations For versions prior to 7.14.3.69, update to version 7.14.3.69 or later to resolve the issue. As a temporary workaround, consider restricting network access to the ITM Agent for MacOS to minimize the risk of exploitation.