Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
4DescriptionCVE.org
SEPPmail Secure Email Gateway before version 15.0.4 fails to enforce authorization checks for multiple endpoints in the new GINA UI, allowing unauthenticated remote attackers to access functionality that should require a valid session.
AnalysisAI
Authorization bypass in SEPPmail Secure Email Gateway versions prior to 15.0.4 enables remote unauthenticated attackers to access privileged GINA UI endpoints without authentication. The vulnerability (CISA reported by Swiss NCSC) affects core access control mechanisms with CVSS 9.3 critical severity, allowing complete system compromise through network-accessible administrative interfaces. No active exploitation (CISA KEV) or public exploit code identified at time of analysis, but the network-accessible attack vector with no authentication barrier presents immediate risk to internet-facing deployments.
Technical ContextAI
The vulnerability stems from missing authorization checks (CWE-862: Missing Authorization) in multiple endpoints of SEPPmail's GINA UI component. CWE-862 represents a failure to verify whether a user has permission to access a resource or perform an action, distinct from authentication failures. In this case, the GINA UI (likely a web-based administrative interface for the Secure Email Gateway) exposes multiple endpoints that process privileged operations without validating session tokens or user permissions. The affected product CPE (cpe:2.3:a:seppmail_ag:secure_email_gateway) indicates this impacts SEPPmail AG's email security gateway appliance, which typically handles email filtering, encryption, and policy enforcement for enterprise environments. The CVSS 4.0 vector (AV:N/AC:L/PR:N/UI:N) confirms this is a network-exploitable vulnerability requiring no prerequisites-attackers need only network access to the GINA UI interface to invoke protected functionality. The High confidentiality, integrity, and availability impacts (VC:H/VI:H/VA:H) indicate complete system compromise potential.
RemediationAI
Upgrade to SEPPmail Secure Email Gateway version 15.0.4 or later, as documented in the vendor's external release notes at https://downloads.seppmail.com/extrelnotes/150/ERN15.0.html#security. The release notes confirm version 15.0.4 addresses this authorization bypass vulnerability in the GINA UI component. If immediate patching is not feasible, implement compensating controls: restrict network access to the GINA UI administrative interface through firewall rules permitting only trusted management networks (note this reduces attack surface but does not eliminate risk from internal threats or compromised management stations); disable external access to administrative ports entirely if remote management is not required (typically TCP 443/8443 for web interfaces); deploy a web application firewall with rules blocking unauthenticated access to administrative paths if GINA UI endpoints can be enumerated. These mitigations reduce exposure but do not fix the underlying authorization flaw-version upgrade remains the only complete remediation. Organizations should verify patch deployment through version validation and test that administrative access controls function correctly post-upgrade.
More in Secure Email Gateway
View allSecure Email Gateway from Cellopoint has Buffer Overflow Vulnerability in authentication process. Rated critical severit
A vulnerability in the content scanning and message filtering features of Cisco Secure Email Gateway could allow an unau
The SMTP Listener of Secure Email Gateway from Cellopoint does not properly validate user input, leading to a Buffer Ove
Remote code execution in SEPPmail Secure Email Gateway versions prior to 15.0.2.1 enables unauthenticated attackers to e
Remote unauthenticated attackers can read arbitrary local files and trigger deletion of targeted files in SEPPmail Secur
SEPPmail Secure Email Gateway before version 15.0.3 allows attackers to bypass subject sanitization and forge security t
SEPPmail Secure Email Gateway before version 15.0.3 fails to properly authenticate inner messages within S/MIME-encrypte
Account takeover in SEPPmail Secure Email Gateway versions before 15.0.3 allows unauthenticated attackers to reset victi
SEPPmail Secure Email Gateway before version 15.0.3 allows remote attackers to bypass subject line sanitization controls
SEPPmail Secure Email Gateway before version 15.0.3 allows remote attackers to inject malicious certificates into S/MIME
Path traversal in SEPPmail Secure Email Gateway versions before 15.0.5 allows authenticated remote attackers to write fi
SEPPmail Secure Email Gateway before version 15.0.4 exposes server environment variables through an unauthenticated endp
Same weakness CWE-862 – Missing Authorization
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-28586
GHSA-x76h-jjpq-cp24