Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An information disclosure vulnerability in the faye endpoint in Proofpoint Threat Response / Threat Response Auto-Pull (PTR/TRAP) could be used by an attacker on an adjacent network to obtain credentials to integrated services via a man-in-the-middle position or cryptanalysis of the session traffic. An attacker could use these credentials to impersonate PTR/TRAP to these services. All versions prior to 5.10.0 are affected.
CVSS Information
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N
Vulnerability Type
信息暴露
Vulnerability Title
Proofpoint Threat Response 信息泄露漏洞
Vulnerability Description
Proofpoint Threat Response是Proofpoint公司的领先的安全编排、自动化和响应 (SOAR) 解决方案,使安全团队能够更快、更有效地响应不断变化的威胁形势。 Proofpoint Threat Response和Threat Response Auto-Pull(Threat Response的入门级版本) 5.10.0之前版本存在信息泄露漏洞,该漏洞源于可能被相邻网络上的攻击者用来通过中间人位置或会话流量的密码分析,攻击者利用该漏洞可以使用这些凭据冒充 PTR/TRAP 访
CVSS Information
N/A
Vulnerability Type
N/A