Lucene search

K

MitreCVELIST:CVE-2015-7610

HistoryMay 30, 2018 - 9:00 p.m.

CVE-2015-7610

2018-05-3021:00:00

mitre

www.cve.org

4

AI Score

9.1

Confidence

High

EPSS

0.064

Percentile

93.7%

Cross-site request forgery (CSRF) vulnerability in the login form in Zimbra Collaboration Suite (aka ZCS) before 8.6.0 Patch 10, 8.7.x before 8.7.11 Patch 2, and 8.8.x before 8.8.8 Patch 1 allows remote attackers to hijack the authentication of unspecified victims by leveraging failure to use a CSRF token.

References

blog.zimbra.com/2018/04/new-patches-for-you-zimbra-8-8-8-turing-patch-1-zimbra-8-7-11-patch-2/

blog.zimbra.com/2018/05/new-patches-zimbra-8-8-8-turing-patch-3-zimbra-8-7-11-patch-3-zimbra-8-6-0-patch-10/

wiki.zimbra.com/wiki/Security_Center

wiki.zimbra.com/wiki/Zimbra_Releases/8.6.0/P10

wiki.zimbra.com/wiki/Zimbra_Releases/8.7.11/P2

wiki.zimbra.com/wiki/Zimbra_Releases/8.8.8/P1

wiki.zimbra.com/wiki/Zimbra_Security_Advisories

AI Score

9.1

Confidence

High

EPSS

0.064

Percentile

93.7%

Related for CVELIST:CVE-2015-7610

prion1 openvas1 nvd1 cve1