CVSS: 5.3EPSS: 0%CPEs: 8EXPL: 0CVE-2020-8633
https://notcve.org/view.php?id=CVE-2020-8633
An issue was discovered in Zimbra Collaboration Suite (ZCS) before 8.8.15 Patch 7. When grantors revoked a shared calendar in Outlook, the calendar stayed mounted and accessible. Se detectó un problema en Zimbra Collaboration Suite (ZCS) versiones anteriores a 8.8.15 Patch 7. Cuando los otorgantes revocan un calendario compartido en Outlook, el calendario se mantuvo montado y accesible. • https://wiki.zimbra.com/wiki/Zimbra_Releases/8.8.15/P7 • CWE-281: Improper Preservation of Permissions •
CVSS: 9.8EPSS: 62%CPEs: 8EXPL: 0CVE-2020-7796
https://notcve.org/view.php?id=CVE-2020-7796
Zimbra Collaboration Suite (ZCS) before 8.8.15 Patch 7 allows SSRF when WebEx zimlet is installed and zimlet JSP is enabled. Zimbra Collaboration Suite (ZCS) versiones anteriores a 8.8.15 Patch 7, permite un ataque de tipo SSRF cuando WebEx zimlet es instalado y zimlet JSP está habilitado. • https://wiki.zimbra.com/wiki/Zimbra_Releases/8.8.15/P7 • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2014-8563
https://notcve.org/view.php?id=CVE-2014-8563
Synacor Zimbra Collaboration before 8.0.9 allows plaintext command injection during STARTTLS. Synacor Zimbra Collaboration versiones anteriores a 8.0.9, permite una inyección de comandos de texto plano durante STARTTLS. • https://bugzilla.zimbra.com/show_bug.cgi?id=96105 https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 5.4EPSS: 0%CPEs: 6EXPL: 0CVE-2015-2249
https://notcve.org/view.php?id=CVE-2015-2249
Zimbra Collaboration before 8.6.0 patch5 has XSS. Zimbra Collaboration versiones anteriores a 8.6.0 patch5, presenta una vulnerabilidad de tipo XSS. • https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2014-5500
https://notcve.org/view.php?id=CVE-2014-5500
Synacor Zimbra Collaboration before 8.0.8 has XSS. Synacor Zimbra Collaboration versiones anteriores a 8.0.8, presenta una vulnerabilidad de tipo XSS. • https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •