PT-2024-10233 · Cellopoint · Cellopoint Secure Email Gateway

Published: 2024-09-20 · Updated: 2024-10-03 · CVE-2024-9043

CVSS v2.0: 10 (Critical)

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Cellopoint Secure Email Gateway versions prior to 4.5.0

Description

The issue is a buffer overflow vulnerability in the authentication process of the Cellopoint Secure Email Gateway. Remote unauthenticated attackers can send crafted packets to crash the process, thereby bypassing authentication and obtaining system administrator privileges. This vulnerability may allow an attacker to elevate their privileges or cause a denial of service.

Recommendations

For Cellopoint Secure Email Gateway versions prior to 4.5.0, patch immediately to prevent remote exploitation. As a temporary workaround, consider restricting access to the authentication process until a patch is available. Avoid using the vulnerable authentication component until the issue is resolved. At the moment, there is no additional information about other mitigation measures.

Exploit

Fix

Memory Corruption

Stack Overflow

Weakness Enumeration

Related Identifiers

BDU:2025-00579
CVE-2024-9043

Affected Products

Cellopoint Secure Email Gateway