Proofpoint Insider Threat Management Server Authentication Bypass Vulnerability Allowing Agent Unregistration

Vulnerability

An authentication bypass vulnerability has been identified in Proofpoint Insider Threat Management (ITM) Server versions prior to 7.17.2. This vulnerability allows unauthenticated users on an adjacent network to unregister agents when the number of registered agents exceeds the licensed limit. Exploiting this vulnerability prevents the server from receiving new events from the affected agents, leading to a partial loss of integrity and availability, without impacting confidentiality.

Impact

Exploitation of this vulnerability causes a partial loss of integrity and availability by disrupting the server's event reception from affected agents, while confidentiality remains unaffected.

Added: Nov 3, 2025, 7:20 PM

Updated: Nov 3, 2025, 7:20 PM

Vulnerability Rating

Custom Algorithm

spread

1.4

impact

1.3

exploitability

4.9

remediation

0.0

relevance

0.9

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

1.4

impact

1.3

exploitability

4.9

remediation

0.0

relevance

0.9

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Proofpoint Insider Threat Management Server Authentication Bypass Vulnerability Allowing Agent Unregistration

Vulnerability

Impact

Affected Products

Proofpoint Insider Threat Management Server

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating