Vulnerability Description
Proofpoint Enterprise Protection (PPS/PoD) before 8.16.4 contains a vulnerability that could allow an attacker to deliver an email message with a malicious attachment that bypasses scanning and file-blocking rules. The vulnerability exists because messages with certain crafted and malformed multipart structures are not properly handled.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Proofpoint | Enterprise Protection | < 8.13.16 |
Related Weaknesses (CWE)
References
- https://www.proofpoint.com/us/security/security-advisoriesVendor Advisory
- https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2021-0006Vendor Advisory
- https://www.proofpoint.com/us/security/security-advisoriesVendor Advisory
- https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2021-0006Vendor Advisory
FAQ
What is CVE-2020-14009?
CVE-2020-14009 is a vulnerability with a CVSS score of 6.3 (MEDIUM). Proofpoint Enterprise Protection (PPS/PoD) before 8.16.4 contains a vulnerability that could allow an attacker to deliver an email message with a malicious attachment that bypasses scanning and file-b...
How severe is CVE-2020-14009?
CVE-2020-14009 has been rated MEDIUM with a CVSS base score of 6.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-14009?
Check the references section above for vendor advisories and patch information. Affected products include: Proofpoint Enterprise Protection.