Skip to main content

Secure Email Gateway CVE-2026-29134

| EUVDEUVD-2026-18148 MEDIUM
Reliance on Untrusted Inputs in a Security Decision (CWE-807)
2026-04-02 NCSC.ch GHSA-v5jf-vjfx-frfr
5.3
CVSS 4.0 · NVD
Share

Severity by source

NVD PRIMARY
5.3 MEDIUM
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

4
Patch available
Apr 16, 2026 - 05:29 EUVD
15.0.3
EUVD ID Assigned
Apr 02, 2026 - 08:45 euvd
EUVD-2026-18148
Analysis Generated
Apr 02, 2026 - 08:45 vuln.today
CVE Published
Apr 02, 2026 - 08:29 nvd
MEDIUM 5.3

DescriptionCVE.org

SEPPmail Secure Email Gateway before version 15.0.3 allows an external user to modify GINA webdomain metadata and bypass per-domain restrictions.

AnalysisAI

SEPPmail Secure Email Gateway before version 15.0.3 allows unauthenticated external users to modify GINA webdomain metadata and bypass per-domain restrictions, enabling attackers to circumvent email security controls across isolated security domains. NCSC.ch reported this authentication bypass vulnerability affecting all versions prior to 15.0.3. The ability to modify domain-level metadata across organizational security boundaries represents a direct compromise of the gateway's core function to enforce per-domain policies.

Technical ContextAI

GINA (likely referring to the gateway's identity and access control layer for webdomain management) implements per-domain metadata restrictions intended to isolate email security policies across different organizational domains. The vulnerability stems from improper authorization validation (CWE-807: Reliance on Untrusted Inputs in a Security Decision) in the webdomain metadata modification functionality. This allows external users to interact with administrative metadata endpoints without proper authentication or authorization checks, bypassing the domain isolation mechanism that should enforce distinct security policies per domain. SEPPmail Secure Email Gateway is a centralized email security appliance responsible for threat detection, encryption, and policy enforcement across multiple organizational domains.

RemediationAI

Upgrade SEPPmail Secure Email Gateway to version 15.0.3 or later immediately. The vendor-released patch version 15.0.3 addresses the GINA webdomain metadata authorization flaw. No interim workarounds are documented; the core vulnerability exists in the metadata modification endpoints and requires the patched version to remediate. Organizations should consult the vendor's release notes at https://downloads.seppmail.com/extrelnotes/150/ERN15.0.html#seppmail-vulnerability-disclosure-1503 for detailed upgrade procedures and any prerequisite compatibility checks.

CVE-2024-9043 CRITICAL
9.8 Sep 20

Secure Email Gateway from Cellopoint has Buffer Overflow Vulnerability in authentication process. Rated critical severit

CVE-2024-20401 CRITICAL
9.8 Jul 17

A vulnerability in the content scanning and message filtering features of Cisco Secure Email Gateway could allow an unau

CVE-2024-6744 CRITICAL
9.8 Jul 15

The SMTP Listener of Secure Email Gateway from Cellopoint does not properly validate user input, leading to a Buffer Ove

CVE-2026-44128 CRITICAL
9.3 May 08

Remote code execution in SEPPmail Secure Email Gateway versions prior to 15.0.2.1 enables unauthenticated attackers to e

CVE-2026-44125 CRITICAL
9.3 May 08

Authorization bypass in SEPPmail Secure Email Gateway versions prior to 15.0.4 enables remote unauthenticated attackers

CVE-2026-44127 HIGH
8.8 May 08

Remote unauthenticated attackers can read arbitrary local files and trigger deletion of targeted files in SEPPmail Secur

CVE-2026-29144 HIGH
7.8 Apr 02

SEPPmail Secure Email Gateway before version 15.0.3 allows attackers to bypass subject sanitization and forge security t

CVE-2026-29143 HIGH
7.8 Apr 02

SEPPmail Secure Email Gateway before version 15.0.3 fails to properly authenticate inner messages within S/MIME-encrypte

CVE-2026-29139 HIGH
7.8 Apr 02

Account takeover in SEPPmail Secure Email Gateway versions before 15.0.3 allows unauthenticated attackers to reset victi

CVE-2026-29141 HIGH
7.7 Apr 02

SEPPmail Secure Email Gateway before version 15.0.3 allows remote attackers to bypass subject line sanitization controls

CVE-2026-29140 HIGH
7.7 Apr 02

SEPPmail Secure Email Gateway before version 15.0.3 allows remote attackers to inject malicious certificates into S/MIME

CVE-2026-8811 HIGH
7.1 Jun 18

Path traversal in SEPPmail Secure Email Gateway versions before 15.0.5 allows authenticated remote attackers to write fi

Share

CVE-2026-29134 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy