Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2019-9670
HistoryMay 29, 2019 - 10:29 p.m.

CVE-2019-9670

2019-05-2922:29:00
CWE-611
[email protected]
web.nvd.nist.gov
1240
In Wild
31
synacor
zimbra
collaboration suite
xml external entity
xxe
vulnerability
nvd
cve-2019-9670

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.6 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.975 High

EPSS

Percentile

100.0%

JSON

mailboxd component in Synacor Zimbra Collaboration Suite 8.7.x before 8.7.11p10 has an XML External Entity injection (XXE) vulnerability, as demonstrated by Autodiscover/Autodiscover.xml.

Social References

More

Related

githubexploit 2
osv 1
prion 1
nessus 1
nuclei 1
attackerkb 2
cisa_kev 1
packetstorm 1
zdt 1
threatpost 3
malwarebytes 2
thn 5
cisa 2
qualysblog 1
ics 1
githubexploit
githubexploit
Exploit for Improper Restriction of XML External Entity Reference in Synacor Zimbra Collaboration Suite
2019-08-16 04:37:11
Exploit for Improper Restriction of XML External Entity Reference in Synacor Zimbra Collaboration Suite
2019-08-16 15:22:27
osv
osv
CVE-2019-9670
2019-05-29 22:29:01
prion
prion
Xxe
2019-05-29 22:29:00
nessus
nessus
Zimbra Collaboration Server 8.7.x < 8.7.11p10 XML External Entity injection (XXE) vulnerability
2019-08-12 00:00:00
nuclei
nuclei
Synacor Zimbra Collaboration <8.7.11p10 - XML External Entity Injection
2020-10-29 10:53:46
attackerkb
attackerkb
Zimbra Collaboration Suite Autodiscover XXE
2019-05-29 00:00:00
CVE-2019-9670
2019-05-29 00:00:00
cisa_kev
cisa_kev
Synacor Zimbra Collaboration (ZCS) Improper Restriction of XML External Entity Reference
2022-01-10 00:00:00
packetstorm
packetstorm
Zimbra Collaboration Autodiscover Servlet XXE / ProxyServlet SSRF
2019-04-11 00:00:00
zdt
zdt
Zimbra Collaboration Autodiscover Servlet XXE / ProxyServlet SSRF Exploit
2019-04-11 00:00:00
threatpost
threatpost
Zimbra Server Bugs Could Lead to Email Plundering
2021-07-27 17:30:28
Hackers Look to Steal COVID-19 Vaccine Research
2020-07-16 18:05:20
NSA: 5 Security Bugs Under Active Nation-State Cyberattack
2021-04-16 18:10:09
malwarebytes
malwarebytes
Atomic research institute breached via VPN vulnerability
2021-06-21 13:53:03
Patch now! NSA, CISA, and FBI warn of Russian intelligence exploiting 5 vulnerabilities
2021-04-16 14:59:38
thn
thn
FBI, CISA Uncover Tactics Employed by Russian Intelligence Hackers
2021-04-27 09:14:00
US Sanctions Russia and Expels 10 Diplomats Over SolarWinds Cyberattack
2021-04-15 16:55:00
Earth Lusca's New SprySOCKS Linux Backdoor Targets Government Entities
2023-09-19 11:10:00
cisa
cisa
NSA-CISA-FBI Joint Advisory on Russian SVR Targeting U.S. and Allied Networks
2021-04-15 00:00:00
CISA Adds 15 Known Exploited Vulnerabilities to Catalog
2022-01-10 00:00:00
qualysblog
qualysblog
Russia-Ukraine Crisis: How to Strengthen Your Security Posture to Protect against Cyber Attack, based on CISA Guidelines
2022-02-26 20:20:32
ics
ics
Understanding and Mitigating Russian State-Sponsored Cyber Threats to U.S. Critical Infrastructure
2022-03-01 12:00:00

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.6 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.975 High

EPSS

Percentile

100.0%

JSON
Related for CVE-2019-9670
githubexploit2osv1prion1nessus1nuclei1attackerkb2cisa_kev1packetstorm1zdt1threatpost3malwarebytes2thn5cisa2qualysblog1ics1