CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Proofpoint: >> Enterprise Protection >> 8.21.0 Security Vulnerabilities

CVE-2024-10635

Enterprise Protection contains an improper input validation vulnerability in attachment defense that allows an unauthenticated remote attacker to bypass attachment scanning security policy by sending a malicious S/MIME attachment with an opaque signature. When opened by a recipient in a downstream email client, the malicious attachment could cause partial loss of integrity and confidentiality to their system.

CVSS Score

6.1

EPSS Score

0.0

Published

2025-04-28

Page 1

Vulnerabilities

Vulnerable Software

Proofpoint: >> Enterprise Protection >> 8.21.0 Security Vulnerabilities

Products

Pricing

Contact Us