PT-2025-44789 · Unknown · Insider Threat Management Server
Published
2025-11-03
·
Updated
2025-11-07
·
CVE-2025-8558
CVSS v3.1
5.4
Medium
| Vector | AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L |
Name of the Vulnerable Software and Affected Versions
Insider Threat Management (ITM) Server versions prior to 7.17.2
Description
The Insider Threat Management (ITM) Server has an authentication bypass issue. An unauthenticated user on a nearby network can perform agent unregistration if the number of registered agents exceeds the licensed limit. Exploitation of this issue can stop the server from receiving new events from affected agents, leading to a partial loss of integrity and availability, but does not affect confidentiality.
Recommendations
Update to version 7.17.2 or later.
Fix
Missing Authentication
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Insider Threat Management Server