CVE-2024-3676

Summary

The Proofpoint Encryption endpoint of Proofpoint Enterprise Protection contains an Improper Input Validation vulnerability that allows an unauthenticated remote attacker with a specially crafted HTTP request to create additional Encryption user accounts under the attacker's control.  These accounts are able to send spoofed email to any users within the domains configured by the Administrator.

Affected Software

VendorProductVersion RangeStatus
ProofpointEnterprise Protection8.18.6 < patch 4868affected
ProofpointEnterprise Protection8.20.0 < patch 4869affected
ProofpointEnterprise Protection8.20.2 < patch 4870affected
ProofpointEnterprise Protection8.20.4 < patch 4871affected
ProofpointEnterprise Protection8.21.0 < patch 4871affected

Weaknesses

  • CWE-20: CWE-20 Improper Input Validation

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

CVE Program Container

Additional References

References