CVSS: 6.1EPSS: 0%CPEs: 40EXPL: 0CVE-2021-34807
https://notcve.org/view.php?id=CVE-2021-34807
An open redirect vulnerability exists in the /preauth Servlet in Zimbra Collaboration Suite through 9.0. To exploit the vulnerability, an attacker would need to have obtained a valid zimbra auth token or a valid preauth token. Once the token is obtained, an attacker could redirect a user to any URL via isredirect=1&redirectURL= in conjunction with the token data (e.g., a valid authtoken= value). Existe una vulnerabilidad de redirección abierta en el servlet /preauth de Zimbra Collaboration Suite hasta la versión 9.0. Para explotar la vulnerabilidad, un atacante necesitaría haber obtenido un token de autentificación válido de Zimbra o un token de preautentificación válido. • https://wiki.zimbra.com/wiki/Security_Center https://wiki.zimbra.com/wiki/Zimbra_Releases/8.8.15/P23 https://wiki.zimbra.com/wiki/Zimbra_Releases/9.0.0/P16 https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 7.5EPSS: 89%CPEs: 36EXPL: 4CVE-2019-9621 – Zimbra < 8.8.11 - XML External Entity Injection / Server-Side Request Forgery
https://notcve.org/view.php?id=CVE-2019-9621
Zimbra Collaboration Suite before 8.6 patch 13, 8.7.x before 8.7.11 patch 10, and 8.8.x before 8.8.10 patch 7 or 8.8.x before 8.8.11 patch 3 allows SSRF via the ProxyServlet component. Zimbra Collaboration Suite anterior de la versión 8.6 path 13, versión 8.7.x anterior de la 8.7.11 path 10, y versión 8.8.x anterior de la 8.8.10 path 7 u versión 8.8.x anterior de la 8.8.11 path 3, permite vulnerabilidad de tipo SSRF por medio del componente ProxyServlet. Zimbra versions prior to 8.8.1 suffer from XML external entity injection and server-side request forgery vulnerabilities. • https://www.exploit-db.com/exploits/46967 https://www.exploit-db.com/exploits/46693 http://packetstormsecurity.com/files/152487/Zimbra-Collaboration-Autodiscover-Servlet-XXE-ProxyServlet-SSRF.html http://packetstormsecurity.com/files/153190/Zimbra-XML-Injection-Server-Side-Request-Forgery.html http://www.rapid7.com/db/modules/exploit/linux/http/zimbra_xxe_rce https://blog.tint0.com/2019/03/a-saga-of-code-executions-on-zimbra.html https://blog.zimbra.com/2019/03/9826 https://bugzilla.zimbra. • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 6.1EPSS: 0%CPEs: 8EXPL: 0CVE-2018-10939
https://notcve.org/view.php?id=CVE-2018-10939
Zimbra Web Client (ZWC) in Zimbra Collaboration Suite 8.8 before 8.8.8.Patch4 and 8.7 before 8.7.11.Patch4 has Persistent XSS via a contact group. Zimbra Web Client (ZWC) en Zimbra Collaboration Suite en versiones 8.8 anteriores a la 8.8.8.Patch4 y versiones 8.7 anteriores a la 8.7.11.Patch4 tiene Cross-Site Scripting (XSS) persistente mediante un grupo de contactos. • https://blog.zimbra.com/2018/05/new-zimbra-patches-8-8-8-patch-4-and-8-7-11-patch-4 https://wiki.zimbra.com/wiki/Security_Center https://wiki.zimbra.com/wiki/Zimbra_Releases/8.7.11/P4 https://wiki.zimbra.com/wiki/Zimbra_Releases/8.8.8/P4 https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 6%CPEs: 13EXPL: 0CVE-2015-7610
https://notcve.org/view.php?id=CVE-2015-7610
Cross-site request forgery (CSRF) vulnerability in the login form in Zimbra Collaboration Suite (aka ZCS) before 8.6.0 Patch 10, 8.7.x before 8.7.11 Patch 2, and 8.8.x before 8.8.8 Patch 1 allows remote attackers to hijack the authentication of unspecified victims by leveraging failure to use a CSRF token. Vulnerabilidad Cross-Site Request Forgery (CSRF) en el formulario de inicio de sesión en Zimbra Collaboration Suite (ZCS) en versiones anteriores a la 8.6.0 Patch 10, versiones 8.7.x anteriores a la 8.7.11 Patch 2 y versiones 8.8.x anteriores a la 8.8.8 Patch 1 permite que atacantes remotos secuestren la autenticación de víctimas no especificadas aprovechando el error a la hora de emplear un token CSRF. • https://blog.zimbra.com/2018/04/new-patches-for-you-zimbra-8-8-8-turing-patch-1-zimbra-8-7-11-patch-2 https://blog.zimbra.com/2018/05/new-patches-zimbra-8-8-8-turing-patch-3-zimbra-8-7-11-patch-3-zimbra-8-6-0-patch-10 https://wiki.zimbra.com/wiki/Security_Center https://wiki.zimbra.com/wiki/Zimbra_Releases/8.6.0/P10 https://wiki.zimbra.com/wiki/Zimbra_Releases/8.7.11/P2 https://wiki.zimbra.com/wiki/Zimbra_Releases/8.8.8/P1 https://wiki.zi • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 6.5EPSS: 0%CPEs: 14EXPL: 0CVE-2018-10951
https://notcve.org/view.php?id=CVE-2018-10951
mailboxd in Zimbra Collaboration Suite 8.8 before 8.8.8; 8.7 before 8.7.11.Patch3; and 8.6 before 8.6.0.Patch10 allows zimbraSSLPrivateKey read access via a GetServer, GetAllServers, or GetAllActiveServers call in the Admin SOAP API. mailboxd en Zimbra Collaboration Suite, en versiones 8.8 anteriores a la 8.8.8; versiones 8.7 anteriores a la 8.7.11.Patch3 y versiones 8.6 anteriores a la 8.6.0.Patch10, permite el acceso de lectura zimbraSSLPrivateKey mediante una llamada GetServer, GetAllServers o GetAllActiveServers en la API SOAP Admin. • https://bugzilla.zimbra.com/show_bug.cgi?id=108894 •