CVE-2021-39304
7.5 HIGHProofpoint Enterprise Protection before 8.12.0-2108090000 allows security control bypass
Published: 2021-10-13 · Last updated: 2026-06-17
Severity and scoring
- CVSS
- 7.5 HIGH
- Vector
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected products
| Vendor | Product |
|---|---|
| proofpoint | enterprise_protection |
Description
Proofpoint Enterprise Protection before 8.12.0-2108090000 allows security control bypass.
Source: NVD
References
- [NVD]https://nvd.nist.gov/vuln/detail/CVE-2021-39304
- [Vendor advisory]https://www.proofpoint.com/us/blog
- [Vendor advisory]https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2021-0007
- [Vendor advisory]https://www.proofpoint.com/us/blog
- [Vendor advisory]https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2021-0007
Related CVEs
Same vendor
- CVE-2021-40843 — Proofpoint Insider Threat Management Server contains an unsafe deserialization vulnerability in the Web Console (7.3 HIGH)
- CVE-2021-40842 — Proofpoint Insider Threat Management Server contains a SQL injection vulnerability in the Web Console (9.8 CRITICAL)