CVE-2020-11852

Name of the Vulnerable Software and Affected Versions Micro Focus Secure Messaging Gateway (SMG) versions prior to July 2020

Description The issue concerns a DKIM key management page vulnerability. It affects logged-in users with rights to generate DKIM key information, allowing them to inject system commands into the call to the DKIM system command.

Recommendations For versions prior to July 2020, consider restricting access to the DKIM key management page until a fix is available. As a temporary workaround, limit the rights of users to generate DKIM key information to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.