Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
4DescriptionCVE.org
SEPPmail Secure Email Gateway before version 15.0.3 allows an external user to modify GINA webdomain metadata and bypass per-domain restrictions.
AnalysisAI
SEPPmail Secure Email Gateway before version 15.0.3 allows unauthenticated external users to modify GINA webdomain metadata and bypass per-domain restrictions, enabling attackers to circumvent email security controls across isolated security domains. NCSC.ch reported this authentication bypass vulnerability affecting all versions prior to 15.0.3. The ability to modify domain-level metadata across organizational security boundaries represents a direct compromise of the gateway's core function to enforce per-domain policies.
Technical ContextAI
GINA (likely referring to the gateway's identity and access control layer for webdomain management) implements per-domain metadata restrictions intended to isolate email security policies across different organizational domains. The vulnerability stems from improper authorization validation (CWE-807: Reliance on Untrusted Inputs in a Security Decision) in the webdomain metadata modification functionality. This allows external users to interact with administrative metadata endpoints without proper authentication or authorization checks, bypassing the domain isolation mechanism that should enforce distinct security policies per domain. SEPPmail Secure Email Gateway is a centralized email security appliance responsible for threat detection, encryption, and policy enforcement across multiple organizational domains.
RemediationAI
Upgrade SEPPmail Secure Email Gateway to version 15.0.3 or later immediately. The vendor-released patch version 15.0.3 addresses the GINA webdomain metadata authorization flaw. No interim workarounds are documented; the core vulnerability exists in the metadata modification endpoints and requires the patched version to remediate. Organizations should consult the vendor's release notes at https://downloads.seppmail.com/extrelnotes/150/ERN15.0.html#seppmail-vulnerability-disclosure-1503 for detailed upgrade procedures and any prerequisite compatibility checks.
More in Secure Email Gateway
View allSecure Email Gateway from Cellopoint has Buffer Overflow Vulnerability in authentication process. Rated critical severit
A vulnerability in the content scanning and message filtering features of Cisco Secure Email Gateway could allow an unau
The SMTP Listener of Secure Email Gateway from Cellopoint does not properly validate user input, leading to a Buffer Ove
Remote code execution in SEPPmail Secure Email Gateway versions prior to 15.0.2.1 enables unauthenticated attackers to e
Authorization bypass in SEPPmail Secure Email Gateway versions prior to 15.0.4 enables remote unauthenticated attackers
Remote unauthenticated attackers can read arbitrary local files and trigger deletion of targeted files in SEPPmail Secur
SEPPmail Secure Email Gateway before version 15.0.3 allows attackers to bypass subject sanitization and forge security t
SEPPmail Secure Email Gateway before version 15.0.3 fails to properly authenticate inner messages within S/MIME-encrypte
Account takeover in SEPPmail Secure Email Gateway versions before 15.0.3 allows unauthenticated attackers to reset victi
SEPPmail Secure Email Gateway before version 15.0.3 allows remote attackers to bypass subject line sanitization controls
SEPPmail Secure Email Gateway before version 15.0.3 allows remote attackers to inject malicious certificates into S/MIME
Path traversal in SEPPmail Secure Email Gateway versions before 15.0.5 allows authenticated remote attackers to write fi
Same technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-18148
GHSA-v5jf-vjfx-frfr