CVE-2025-68721
Axigen · Axigen Mail Server
An improper access control vulnerability in the Axigen Mail Server WebAdmin interface allows delegated admins with zero permissions to manage and manipulate SSL certificates.
Executive summary
A critical access control bypass in Axigen Mail Server allows low-privileged administrative accounts to gain unauthorized access to SSL certificate management, risking total communication compromise.
Vulnerability
The WebAdmin interface fails to properly enforce permissions for the SSL Certificates management endpoint (page=sslcerts). An authenticated delegated admin, even one with zero assigned permissions, can bypass checks to view, download, upload, or delete SSL certificate files, effectively circumventing the Security & Filtering restrictions.
Business impact
The ability to manipulate SSL certificates allows an attacker to perform man-in-the-middle attacks, decrypt encrypted mail traffic, or shut down secure communications entirely. This represents a massive breach of confidentiality and integrity for the organization's email infrastructure. The CVSS score of 9.1 reflects the high impact of this privilege escalation.
Remediation
Immediate Action: Update Axigen Mail Server to version 10.5.57 or later to restore proper access control enforcement.
Proactive Monitoring: Review WebAdmin access logs for any delegated admin accounts accessing the sslcerts page, especially those without explicit permissions to do so.
Compensating Controls: Audit all delegated administrator accounts and remove any that are not strictly necessary until the patch is successfully deployed.
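The monitoring step above can be turned into a simple log check. The following is an added example, not code from Axigen or from this advisory: it scans WebAdmin access log lines for requests whose query string carries page=sslcerts (the endpoint named in this advisory) and reports any made by an account that is not on an allowlist of admins known to hold certificate-management rights. The log line format, the sample lines, and the CERT_ADMINS allowlist are all constructed for the example; Axigen's real WebAdmin log layout is not described on this page, so the regular expression must be adapted to the actual format before use.

```python
"""Flag WebAdmin requests to the SSL certificates page (page=sslcerts) made by
accounts that should not hold certificate-management rights.

Added example for CVE-2025-68721 monitoring. The log line format below is
constructed and is NOT Axigen's real WebAdmin log format. Assumed fields:
    <ISO-8601 timestamp> <client-ip> <admin-account> "<METHOD> <path> <proto>" <status>
"""
import re
from dataclasses import dataclass
from urllib.parse import parse_qs, urlparse

# Constructed sample log lines (hypothetical format, not Axigen's own).
SAMPLE_LOG = """\
2025-12-01T09:14:02Z 10.0.0.12 root "GET /?page=sslcerts HTTP/1.1" 200
2025-12-01T09:15:47Z 10.0.0.44 helpdesk01 "GET /?page=sslcerts HTTP/1.1" 200
2025-12-01T09:15:51Z 10.0.0.44 helpdesk01 "POST /?page=sslcerts&action=upload HTTP/1.1" 200
2025-12-01T09:16:10Z 10.0.0.44 helpdesk01 "GET /?page=accounts HTTP/1.1" 200
2025-12-01T09:17:33Z 10.0.0.9 mailops "GET /?page=sslcerts&action=download HTTP/1.1" 200
2025-12-01T09:18:00Z 10.0.0.44 helpdesk01 "GET /?page=sslcerts&action=delete HTTP/1.1" 302
"""

# Accounts that legitimately hold certificate-management rights.
# Hypothetical allowlist; populate it from your own WebAdmin permission review.
CERT_ADMINS = {"root", "mailops"}

# One regex per assumed log line; adapt to the real log layout before use.
LINE_RE = re.compile(
    r'^(?P<ts>\S+) (?P<ip>\S+) (?P<admin>\S+) '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3})$'
)


@dataclass(frozen=True)
class Finding:
    """One request to the sslcerts page by a non-allowlisted account."""
    timestamp: str
    admin: str
    client_ip: str
    method: str
    action: str
    status: int


def parse_line(line):
    """Return the parsed fields of one log line, or None if it does not match."""
    m = LINE_RE.match(line.strip())
    return m.groupdict() if m else None


def is_sslcerts_request(path):
    """True when the request's query string selects page=sslcerts."""
    qs = parse_qs(urlparse(path).query)
    return qs.get("page", [""])[0] == "sslcerts"


def requested_action(path):
    """The action parameter of the request; a bare page load is reported as 'view'."""
    qs = parse_qs(urlparse(path).query)
    return qs.get("action", ["view"])[0]


def find_unauthorized_sslcerts_access(log_text, cert_admins):
    """Return Findings for every sslcerts request by an account outside cert_admins."""
    findings = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None or not is_sslcerts_request(rec["path"]):
            continue
        if rec["admin"] in cert_admins:
            continue  # account is expected to manage certificates
        findings.append(Finding(
            timestamp=rec["ts"],
            admin=rec["admin"],
            client_ip=rec["ip"],
            method=rec["method"],
            action=requested_action(rec["path"]),
            status=int(rec["status"]),
        ))
    return findings


if __name__ == "__main__":
    for f in find_unauthorized_sslcerts_access(SAMPLE_LOG, CERT_ADMINS):
        print(f"{f.timestamp} {f.admin}@{f.client_ip} {f.method} "
              f"page=sslcerts action={f.action} status={f.status}")
```

Any hit from a delegated admin who was never granted certificate rights is a candidate for the access-control bypass described above and should be followed up by checking what that account did on the page (view, download, upload or delete) and whether the installed version predates 10.5.57.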
Exploitation status
Public Exploit Available: No
Analyst recommendation
This vulnerability undermines the entire security model of the Axigen WebAdmin interface. We recommend that all Axigen users update their installations immediately. Particular attention should be paid to organizations that utilize delegated administration, as these accounts now pose a significant risk to the server's cryptographic integrity.