3 matches found
CVE-2018-12464
CVE-2018-12464 is a SQL injection vulnerability in Micro Focus Secure Messaging Gateway (SMG) affecting the Web administration and quarantine components. It occurs in versions prior to 471 and enables an unauthenticated remote attacker to execute arbitrary SQL statements against the SMG database,...
CVE-2020-11852
CVE-2020-11852 is a command-injection vulnerability in Micro Focus Secure Messaging Gateway (SMG) affecting the DKIM key management page. The issue allows a logged-in user with rights to generate DKIM key information to inject system commands into the DKIM system command call. Affected are SMG Ap...
CVE-2018-12465
CVE-2018-12465 describes an OS command injection in the web administration component of Micro Focus Secure Messaging Gateway (SMG). A remote attacker authenticated as a privileged user can run arbitrary OS commands on the SMG server. The CVE notes this can be leveraged with CVE-2018-12464 (SQL in...