TTCSIRT-334.08.19.20: TT-CSIRT ADVISORY - POTENTIAL REMOTE VULNERABILITY IN MICRO FOCUS SECURE MESSAGING GATEWAY
A potential vulnerability has been identified in Secure Messaging Gateway.
The Secure Messaging Gateway appliance on SLES had a potential vulnerability in the DKIM key management page.
A logged-in user with rights to generate DKIM key information could inject system commands into the call to the DKIM system command by setting the domain parameter to an injectable string.
The command is run as the wwwrun user that has restricted rights.
The cause was improper neutralization of special elements in output used by a downstream component ('Injection').
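The following is an added example, not code from the advisory or from the vendor, showing how a domain parameter can be neutralized before it reaches a key-generation command. It assumes opendkim-genkey as a stand-in for the appliance's DKIM command, which the advisory does not name; the function names, output directory and sample inputs are constructed for illustration.

```python
import re
import subprocess

# Assumption: opendkim-genkey stands in for the appliance's DKIM command,
# which the advisory does not name.
KEYGEN = "opendkim-genkey"

# One DNS label: letters, digits, hyphen; no leading or trailing hyphen.
_LABEL = re.compile(r"(?!-)[a-z0-9-]{1,63}(?<!-)")

def validate_domain(domain):
    """Return the lower-cased domain, or raise ValueError if it is not a
    plain ASCII DNS name. Allow-listing means shell metacharacters,
    whitespace, newlines and option-style leading hyphens never pass."""
    if not isinstance(domain, str) or not domain.isascii():
        raise ValueError("domain must be an ASCII string")
    if not 1 <= len(domain) <= 253:
        raise ValueError("domain must be 1-253 characters")
    labels = domain.lower().split(".")
    if len(labels) < 2 or not all(_LABEL.fullmatch(l) for l in labels):
        raise ValueError("domain is not a plain DNS name")
    return ".".join(labels)

def build_keygen_argv(domain, selector="default", out_dir="/tmp/dkim-example"):
    """Build an argument vector; each value is exactly one argv element."""
    if not _LABEL.fullmatch(selector):
        raise ValueError("selector is not a plain DNS label")
    return [KEYGEN, "-d", validate_domain(domain), "-s", selector, "-D", out_dir]

def generate_key(domain):
    """Run the command without a shell, so no string is ever re-parsed."""
    return subprocess.run(build_keygen_argv(domain), shell=False,
                          check=True, capture_output=True, timeout=30)

def is_safe_domain(domain):
    """True if the value would be accepted as the domain parameter."""
    try:
        validate_domain(domain)
        return True
    except ValueError:
        return False

if __name__ == "__main__":
    samples = ["example.com", "Mail.Example.COM", "example.com; id",
               "example.com$(id)", "-x.example.com", "example.com\n", "a..b"]
    for value in samples:  # constructed inputs, not taken from the advisory
        print(repr(value), "accepted" if is_safe_domain(value) else "rejected")
```

Validation and shell-free execution are independent controls: either one alone blocks the injection described above, and applying both keeps the command safe if one is later weakened.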
The fix is available by following the upgrade and migration instructions at the link below:
https://www.novell.com/documentation/secure-messaging-gateway/secure-messaging-gateway/data/migrating_to_sles_appliance.html
The Trinidad and Tobago Cyber Security Incident Response Team (TTCSIRT) encourages users and administrators to review and apply the necessary updates.
If you have any queries or comments regarding this advisory, please feel free to contact TTCSIRT via contacts@ttcsirt.gov.tt.