← back
CVE-2020-36519

CVE-2020-36519

EPSS 0.8%
Mimecast Email Security before 2020-01-10 allows any admin to spoof any domain, and pass DMARC alignment via SPF. This occurs through misuse of the address rewrite feature. (The domain being spoofed must be a customer in the Mimecast grid from which the spoofing occurs.)
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://wesleyk.me/2020/01/10/my-first-vulnerability-mimecast-sender-address-verification/