{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-2819", "assignerOrgId": "d83a79dd-e128-4b83-8b64-84faf54eed46", "state": "PUBLISHED", "assignerShortName": "Proofpoint", "dateReserved": "2023-05-19T21:05:55.711Z", "datePublished": "2023-06-14T21:14:38.212Z", "dateUpdated": "2024-12-30T14:55:42.337Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Threat Response Auto Pull", "vendor": "Proofpoint", "versions": [{"lessThan": "5.10.0", "status": "affected", "version": "0", "versionType": "custom"}]}], "datePublic": "2023-06-14T21:05:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "A stored cross-site scripting vulnerability in the Sources UI in Proofpoint Threat Response/ Threat Response Auto Pull (PTR/TRAP) could allow an authenticated administrator on an adjacent network to replace the image file with an arbitrary MIME type. \u202fThis could result in arbitrary javascript code execution in an admin context.\u202fAll versions prior to 5.10.0 are affected.\u202f "}], "value": "A stored cross-site scripting vulnerability in the Sources UI in Proofpoint Threat Response/ Threat Response Auto Pull (PTR/TRAP) could allow an authenticated administrator on an adjacent network to replace the image file with an arbitrary MIME type. \u202fThis could result in arbitrary javascript code execution in an admin context.\u202fAll versions prior to 5.10.0 are affected.\u202f\u00a0"}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-79", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "d83a79dd-e128-4b83-8b64-84faf54eed46", "shortName": "Proofpoint", "dateUpdated": "2023-06-14T21:14:38.212Z"}, "references": [{"url": "https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2023-0002"}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T06:33:05.790Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2023-0002", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-12-30T14:55:27.953543Z", "id": "CVE-2023-2819", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-12-30T14:55:42.337Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2023-0002", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T06:33:05.790Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-2819", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-12-30T14:55:27.953543Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-12-30T14:55:37.778Z"}}], "cna": {"source": {"discovery": "UNKNOWN"}, "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "LOW"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Proofpoint", "product": "Threat Response Auto Pull", "versions": [{"status": "affected", "version": "0", "lessThan": "5.10.0", "versionType": "custom"}], "defaultStatus": "unaffected"}], "datePublic": "2023-06-14T21:05:00.000Z", "references": [{"url": "https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2023-0002"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "A stored cross-site scripting vulnerability in the Sources UI in Proofpoint Threat Response/ Threat Response Auto Pull (PTR/TRAP) could allow an authenticated administrator on an adjacent network to replace the image file with an arbitrary MIME type. \u202fThis could result in arbitrary javascript code execution in an admin context.\u202fAll versions prior to 5.10.0 are affected.\u202f\u00a0", "supportingMedia": [{"type": "text/html", "value": "A stored cross-site scripting vulnerability in the Sources UI in Proofpoint Threat Response/ Threat Response Auto Pull (PTR/TRAP) could allow an authenticated administrator on an adjacent network to replace the image file with an arbitrary MIME type. \u202fThis could result in arbitrary javascript code execution in an admin context.\u202fAll versions prior to 5.10.0 are affected.\u202f ", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-79", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"}]}], "providerMetadata": {"orgId": "d83a79dd-e128-4b83-8b64-84faf54eed46", "shortName": "Proofpoint", "dateUpdated": "2023-06-14T21:14:38.212Z"}}}, "cveMetadata": {"cveId": "CVE-2023-2819", "state": "PUBLISHED", "dateUpdated": "2024-12-30T14:55:42.337Z", "dateReserved": "2023-05-19T21:05:55.711Z", "assignerOrgId": "d83a79dd-e128-4b83-8b64-84faf54eed46", "datePublished": "2023-06-14T21:14:38.212Z", "assignerShortName": "Proofpoint"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:proofpoint:threat_response_auto_pull:*:*:*:*:*:*:*:*", "matchCriteriaId": "3821A290-3BCD-4C03-90CB-D001AC1590F7", "versionEndExcluding": "5.10.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A stored cross-site scripting vulnerability in the Sources UI in Proofpoint Threat Response/ Threat Response Auto Pull (PTR/TRAP) could allow an authenticated administrator on an adjacent network to replace the image file with an arbitrary MIME type. \u202fThis could result in arbitrary javascript code execution in an admin context.\u202fAll versions prior to 5.10.0 are affected.\u202f\u00a0"}], "id": "CVE-2023-2819", "lastModified": "2024-11-21T07:59:21.110", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 2.7, "source": "[email protected]", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 2.7, "source": "[email protected]", "type": "Primary"}]}, "published": "2023-06-14T22:15:09.203", "references": [{"source": "[email protected]", "tags": ["Vendor Advisory"], "url": "https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2023-0002"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2023-0002"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "[email protected]", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-79"}], "source": "[email protected]", "type": "Primary"}]}

{}