SEPPmail Secure Email Gateway Email Header Parsing Vulnerability Allowing Source Spoofing and Decryption

Vulnerability

SEPPmail Secure Email Gateway versions prior to 15.0.1 improperly interpret email addresses in headers. The gateway's interpretation can conflict with that of other mail infrastructure, enabling an attacker to spoof the email source or decrypt the message.

Impact

Exploitation of this vulnerability could lead to unauthorized decryption of emails or spoofing of email sources, potentially allowing malicious emails to appear as if they were sent from a trusted source.

Reproduction

The vulnerability can be reproduced by sending an email that includes headers with email addresses. The Secure Email Gateway will incorrectly parse these addresses, creating a conflict that can be exploited to fake the email's source or decrypt its contents.

Remediation

Users can update to SEPPmail Secure Email Gateway version 15.0.1 or later, where this vulnerability has been addressed.

Added: Mar 4, 2026, 9:20 AM
Updated: Mar 4, 2026, 9:20 AM

Vulnerability Rating

Custom Algorithm
spread: 2.2
impact: 3.1
exploitability: 7.5
remediation: 7.7
relevance: 3.5
threat: 1.6
urgency: 2.9
incentive: 4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.