Lucene search

[email protected]NVD:CVE-2023-29382

HistoryJul 06, 2023 - 4:15 p.m.

CVE-2023-29382

2023-07-0616:15:09

[email protected]

web.nvd.nist.gov

zimbra collaboration

arbitrary code execution

sfdc_preauth.jsp

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.7 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

56.2%

JSON

An issue in Zimbra Collaboration ZCS v.8.8.15 and v.9.0 allows an attacker to execute arbitrary code via the sfdc_preauth.jsp component.

Affected configurations

NVD

Node

zimbracollaborationMatch8.8.15-

zimbracollaborationMatch8.8.15p1

zimbracollaborationMatch8.8.15p10

zimbracollaborationMatch8.8.15p11

zimbracollaborationMatch8.8.15p12

zimbracollaborationMatch8.8.15p13

zimbracollaborationMatch8.8.15p14

zimbracollaborationMatch8.8.15p15

zimbracollaborationMatch8.8.15p16

zimbracollaborationMatch8.8.15p17

zimbracollaborationMatch8.8.15p18

zimbracollaborationMatch8.8.15p19

zimbracollaborationMatch8.8.15p2

zimbracollaborationMatch8.8.15p20

zimbracollaborationMatch8.8.15p21

zimbracollaborationMatch8.8.15p22

zimbracollaborationMatch8.8.15p23

zimbracollaborationMatch8.8.15p24

zimbracollaborationMatch8.8.15p25

zimbracollaborationMatch8.8.15p26

zimbracollaborationMatch8.8.15p27

zimbracollaborationMatch8.8.15p28

zimbracollaborationMatch8.8.15p29

zimbracollaborationMatch8.8.15p3

zimbracollaborationMatch8.8.15p30

zimbracollaborationMatch8.8.15p31

zimbracollaborationMatch8.8.15p32

zimbracollaborationMatch8.8.15p33

zimbracollaborationMatch8.8.15p34

zimbracollaborationMatch8.8.15p35

zimbracollaborationMatch8.8.15p37

zimbracollaborationMatch8.8.15p4

zimbracollaborationMatch8.8.15p5

zimbracollaborationMatch8.8.15p6

zimbracollaborationMatch8.8.15p7

zimbracollaborationMatch8.8.15p8

zimbracollaborationMatch8.8.15p9

zimbracollaborationMatch9.0.0

zimbracollaborationMatch9.0.0-

zimbracollaborationMatch9.0.0p0

zimbracollaborationMatch9.0.0p1

zimbracollaborationMatch9.0.0p10

zimbracollaborationMatch9.0.0p11

zimbracollaborationMatch9.0.0p12

zimbracollaborationMatch9.0.0p13

zimbracollaborationMatch9.0.0p14

zimbracollaborationMatch9.0.0p15

zimbracollaborationMatch9.0.0p16

zimbracollaborationMatch9.0.0p19

zimbracollaborationMatch9.0.0p2

zimbracollaborationMatch9.0.0p20

zimbracollaborationMatch9.0.0p21

zimbracollaborationMatch9.0.0p23

zimbracollaborationMatch9.0.0p24

zimbracollaborationMatch9.0.0p24.1

zimbracollaborationMatch9.0.0p25

zimbracollaborationMatch9.0.0p26

zimbracollaborationMatch9.0.0p27

zimbracollaborationMatch9.0.0p3

zimbracollaborationMatch9.0.0p4

zimbracollaborationMatch9.0.0p5

zimbracollaborationMatch9.0.0p6

zimbracollaborationMatch9.0.0p7

zimbracollaborationMatch9.0.0p7.1

zimbracollaborationMatch9.0.0p8

zimbracollaborationMatch9.0.0p9

References

wiki.zimbra.com/wiki/Security_Center

wiki.zimbra.com/wiki/Zimbra_Responsible_Disclosure_Policy

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.7 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

56.2%

JSON

Related for NVD:CVE-2023-29382

osv1 prion1 cvelist1 cve1 nessus2