Potential Remote Vulnerability in Secure Messaging Gateway (CVE-2020-11852)

  • 7024775
  • 06-Aug-2020
  • 06-Aug-2020

Environment

SMG Appliance running releases prior to July 2020

Situation

A potential vulnerability has been identified in Secure Messaging Gateway. The Secure Messaging Gateway appliance on SLES had a potential vulnerability in the DKIM key management page. A logged in user with rights to generate DKIM key information could inject system commands into the call to the DKIM system command by setting the domain parameter to an injectable string.  The command is run as the wwwrun user that has restricted rights.  The scope of exposure is unknown due to the restricted access of the account that runs the command.

Versions of Secure Messaging Gateway prior to the SLES release in early 2020 are reported to be more vulnerable to an attack, likely due to the user having additional rights to the system.

The July 2020 release of Secure Messaging Gateway adds full protection to this vulnerability by validating the user provided domain before passing it to the DKIM system command. 

Resolution

Upgrade to the July 2020 release of Secure Messaging Gateway. Prerequisite to this upgrade is the platform upgrade to SLES (released early 2020). Ubuntu based appliance platform is basically no longer supported and the upgrade to SLES is well documented: https://www.novell.com/documentation/secure-messaging-gateway/secure-messaging-gateway/data/migrating_to_sles_appliance.html

Status

Security Alert

Additional Information

CVSS Version 3.0 and Version 2.0 Base Metrics

Reference

V3 Vector

V3 Base Score

V2 Vector

V2 Base Score

CVE-2020-11852

CVSS: 4.3: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

4.3

(AV:N/AC:M/Au:N/C:C/I:C/A:C)

X.X