Severity by source
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
4DescriptionCVE.org
SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker with access to a victim's GINA account to bypass a second-password check and read protected emails.
AnalysisAI
SEPPmail Secure Email Gateway before version 15.0.3 allows authenticated attackers with access to a victim's GINA account to bypass secondary password verification and directly access protected emails, circumventing a multi-factor authentication mechanism intended to protect sensitive correspondence.
Technical ContextAI
SEPPmail Secure Email Gateway implements a GINA (Generic Internet Naming Architecture) account system with a secondary password check as a defense-in-depth control for accessing encrypted or protected emails. The vulnerability stems from insufficient authentication validation (CWE-306: Missing Authentication for Critical Function), allowing an attacker who has compromised or obtained access to a victim's primary GINA credentials to skip or bypass the secondary password prompt entirely. This breaks the intended two-factor authentication workflow and exposes the confidentiality of protected email messages. The affected product is the SEPPmail Secure Email Gateway suite across all versions prior to 15.0.3, as indicated by the CPE string specifying all versions (indicated by the wildcard) below the fixed version.
RemediationAI
Organizations must upgrade SEPPmail Secure Email Gateway to version 15.0.3 or later to remediate this vulnerability. The vendor has released patched version 15.0.3, which includes a fix for the secondary password bypass. Administrators should follow the standard SEPPmail update procedures, test the patched version in a non-production environment if possible, and schedule a maintenance window to deploy the update. Detailed upgrade instructions and release notes are available in the SEPPmail Secure Email Gateway version 15.0.3 release notes at https://downloads.seppmail.com/extrelnotes/150/ERN15.0.html#seppmail-vulnerability-disclosure-1503. Until patching is completed, organizations should monitor GINA account access logs for unauthorized login attempts and consider implementing additional access controls or temporary restrictions on sensitive user accounts.
More in Secure Email Gateway
View allSecure Email Gateway from Cellopoint has Buffer Overflow Vulnerability in authentication process. Rated critical severit
A vulnerability in the content scanning and message filtering features of Cisco Secure Email Gateway could allow an unau
The SMTP Listener of Secure Email Gateway from Cellopoint does not properly validate user input, leading to a Buffer Ove
Remote code execution in SEPPmail Secure Email Gateway versions prior to 15.0.2.1 enables unauthenticated attackers to e
Authorization bypass in SEPPmail Secure Email Gateway versions prior to 15.0.4 enables remote unauthenticated attackers
Remote unauthenticated attackers can read arbitrary local files and trigger deletion of targeted files in SEPPmail Secur
SEPPmail Secure Email Gateway before version 15.0.3 allows attackers to bypass subject sanitization and forge security t
SEPPmail Secure Email Gateway before version 15.0.3 fails to properly authenticate inner messages within S/MIME-encrypte
Account takeover in SEPPmail Secure Email Gateway versions before 15.0.3 allows unauthenticated attackers to reset victi
SEPPmail Secure Email Gateway before version 15.0.3 allows remote attackers to bypass subject line sanitization controls
SEPPmail Secure Email Gateway before version 15.0.3 allows remote attackers to inject malicious certificates into S/MIME
Path traversal in SEPPmail Secure Email Gateway versions before 15.0.5 allows authenticated remote attackers to write fi
Same technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-18144
GHSA-7w6x-34cj-2vph