Skip to main content

SEPPmail Secure Email Gateway EUVDEUVD-2026-28590

| CVE-2026-7864 MEDIUM
Exposure of Sensitive System Information to an Unauthorized Control Sphere (CWE-497)
2026-05-08 NCSC.ch GHSA-987g-rmgr-mpfx
6.9
CVSS 4.0 · NVD
Share

Severity by source

NVD PRIMARY
6.9 MEDIUM
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

4
Patch available
May 08, 2026 - 14:33 EUVD
Analysis Generated
May 08, 2026 - 14:30 vuln.today
CVSS changed
May 08, 2026 - 14:22 NVD
6.9 (MEDIUM)
CVE Published
May 08, 2026 - 13:12 nvd
MEDIUM 6.9

DescriptionCVE.org

SEPPmail Secure Email Gateway before version 15.0.4 exposes server environment variables through an unauthenticated endpoint in the new GINA UI, allowing remote attackers to obtain sensitive system information.

AnalysisAI

SEPPmail Secure Email Gateway before version 15.0.4 exposes server environment variables through an unauthenticated endpoint in the GINA UI, allowing remote attackers to retrieve sensitive system information including configuration details, internal paths, and potentially credentials. The vulnerability requires only network access to the affected endpoint with no authentication, authentication complexity, or user interaction; it is classified as an information disclosure flaw with limited confidentiality impact (CVSS 6.9).

Technical ContextAI

The vulnerability exists in the new GINA (graphical interface) UI component of SEPPmail Secure Email Gateway. The affected endpoint fails to implement proper access controls on an interface that exposes server environment variables-data structures containing system configuration, runtime settings, and potentially sensitive values. This is a classic CWE-497 (Exposure of Sensitive System Information to an Unauthorized Control Sphere) vulnerability, where internal system state intended for server administration is inadvertently accessible to unauthenticated remote clients. Environment variables often contain database connection strings, API keys, service credentials, internal IP addresses, and runtime configuration flags. The GINA UI's new functionality apparently introduced this exposure without proper authentication or authorization checks.

RemediationAI

Vendors and users must upgrade SEPPmail Secure Email Gateway to version 15.0.4 or later, which addresses the unauthenticated endpoint exposure. For organizations unable to immediately patch, implement network-level access controls by restricting HTTP/HTTPS access to the GINA UI endpoint to trusted internal IP ranges only, using a web application firewall (WAF) or reverse proxy to enforce authentication on the vulnerable endpoint before forwarding requests to SEPPmail. Additionally, audit server logs for anomalous requests to the GINA UI endpoint that may indicate reconnaissance activity. Disable the GINA UI entirely if it is not actively used and the classic administration interface suffices, which eliminates the exposure until patching is feasible. Monitor environment and environment variable access through system logging to detect exploitation attempts. See https://downloads.seppmail.com/extrelnotes/150/ERN15.0.html#security for patch release notes and deployment guidance.

CVE-2024-9043 CRITICAL
9.8 Sep 20

Secure Email Gateway from Cellopoint has Buffer Overflow Vulnerability in authentication process. Rated critical severit

CVE-2024-20401 CRITICAL
9.8 Jul 17

A vulnerability in the content scanning and message filtering features of Cisco Secure Email Gateway could allow an unau

CVE-2024-6744 CRITICAL
9.8 Jul 15

The SMTP Listener of Secure Email Gateway from Cellopoint does not properly validate user input, leading to a Buffer Ove

CVE-2026-44128 CRITICAL
9.3 May 08

Remote code execution in SEPPmail Secure Email Gateway versions prior to 15.0.2.1 enables unauthenticated attackers to e

CVE-2026-44125 CRITICAL
9.3 May 08

Authorization bypass in SEPPmail Secure Email Gateway versions prior to 15.0.4 enables remote unauthenticated attackers

CVE-2026-44127 HIGH
8.8 May 08

Remote unauthenticated attackers can read arbitrary local files and trigger deletion of targeted files in SEPPmail Secur

CVE-2026-29144 HIGH
7.8 Apr 02

SEPPmail Secure Email Gateway before version 15.0.3 allows attackers to bypass subject sanitization and forge security t

CVE-2026-29143 HIGH
7.8 Apr 02

SEPPmail Secure Email Gateway before version 15.0.3 fails to properly authenticate inner messages within S/MIME-encrypte

CVE-2026-29139 HIGH
7.8 Apr 02

Account takeover in SEPPmail Secure Email Gateway versions before 15.0.3 allows unauthenticated attackers to reset victi

CVE-2026-29141 HIGH
7.7 Apr 02

SEPPmail Secure Email Gateway before version 15.0.3 allows remote attackers to bypass subject line sanitization controls

CVE-2026-29140 HIGH
7.7 Apr 02

SEPPmail Secure Email Gateway before version 15.0.3 allows remote attackers to inject malicious certificates into S/MIME

CVE-2026-8811 HIGH
7.1 Jun 18

Path traversal in SEPPmail Secure Email Gateway versions before 15.0.5 allows authenticated remote attackers to write fi

Share

EUVD-2026-28590 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy