CVE-2024-0862

Name of the Vulnerable Software and Affected Versions Proofpoint Enterprise Protection (affected versions not specified)

Description The issue concerns a Server-Side Request Forgery vulnerability in the Proofpoint Encryption endpoint. This allows an authenticated user to relay HTTP requests from the Protection server to private network addresses. There are reports of real-world incidents where this issue was exploited, with claims of hacking into the Proofpoint email security product using two vulnerabilities.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.