Environment
SMG Appliance running releases prior to July 2020
Situation
A potential vulnerability has been identified in Secure Messaging Gateway. The Secure Messaging Gateway appliance on SLES had a potential vulnerability in the DKIM key management page. A logged in user with rights to generate DKIM key information could inject system commands into the call to the DKIM system command by setting the domain parameter to an injectable string. The command is run as the wwwrun user that has restricted rights. The scope of exposure is unknown due to the restricted access of the account that runs the command.
Versions of Secure Messaging Gateway prior to the SLES release in early 2020 are reported to be more vulnerable to an attack, likely due to the user having additional rights to the system.
The July 2020 release of Secure Messaging Gateway adds full protection to this vulnerability by validating the user provided domain before passing it to the DKIM system command.
Resolution
Upgrade to the July 2020 release of Secure Messaging Gateway. Prerequisite to this upgrade is the platform upgrade to SLES (released early 2020). Ubuntu based appliance platform is basically no longer supported and the upgrade to SLES is well documented: https://www.novell.com/documentation/secure-messaging-gateway/secure-messaging-gateway/data/migrating_to_sles_appliance.html
Status
Security AlertAdditional Information
CVSS Version 3.0 and Version 2.0 Base Metrics
Reference | V3 Vector | V3 Base Score | V2 Vector | V2 Base Score |
CVE-2020-11852 | CVSS: 4.3: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N | 4.3 | (AV:N/AC:M/Au:N/C:C/I:C/A:C) | X.X |