Lucene search
K

25 matches found

Veeam
Veeam
added 2026/06/03 12:0 a.m.65 views

Email item data export from EWS failed

Challenge Exchange Online backup jobs in Veeam Backup for Microsoft 365 and Veeam Data Cloud for Microsoft 365 may fail to process mailboxes, returning one of the following errors: Processing mailbox failed with error: Email item data export from EWS failed item IDs: .... The operation has timed...

5.7AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/03/26 3:16 p.m.7 views

CVE-2026-33371

An issue was discovered in Zimbra Collaboration ZCS 10.0 and 10.1. An XML External Entity XXE vulnerability exists in the Zimbra Exchange Web Services EWS SOAP interface due to improper handling of XML input. An authenticated attacker can submit crafted XML data that is processed by an XML parser...

4.3CVSS5.8AI score0.00234EPSS
Exploits0References1
Veeam
Veeam
added 2026/03/25 12:0 a.m.35 views

Support Statement — Exchange Web Services (EWS) Deprecation

Challenge Microsoft has announced the deprecation of Exchange Web Services EWS in Exchange Online, with the initial phase-out target of October 1, 2026. Veeam Backup for Microsoft 365 and Veeam Data Cloud for Microsoft 365 currently leverage EWS for Exchange Online backup functionality. Note: Thi...

5.3AI score
Exploits0
EUVD
EUVD
added 2026/03/20 3:31 p.m.6 views

EUVD-2026-13696

An issue was discovered in Zimbra Collaboration ZCS 10.0 and 10.1. An XML External Entity XXE vulnerability exists in the Zimbra Exchange Web Services EWS SOAP interface due to improper handling of XML input. An authenticated attacker can submit crafted XML data that is processed by an XML parser...

5.8AI score0.00234EPSS
Exploits0References5
NVD
NVD
added 2026/03/20 2:16 p.m.7 views

CVE-2026-33371

An issue was discovered in Zimbra Collaboration ZCS 10.0 and 10.1. An XML External Entity XXE vulnerability exists in the Zimbra Exchange Web Services EWS SOAP interface due to improper handling of XML input. An authenticated attacker can submit crafted XML data that is processed by an XML parser...

4.3CVSS0.00234EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/03/20 12:0 a.m.2 views

CVE-2026-33371

An issue was discovered in Zimbra Collaboration ZCS 10.0 and 10.1. An XML External Entity XXE vulnerability exists in the Zimbra Exchange Web Services EWS SOAP interface due to improper handling of XML input. An authenticated attacker can submit crafted XML data that is processed by an XML parser...

5.8AI score0.00234EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/03/20 12:0 a.m.6 views

PT-2026-26615

An issue was discovered in Zimbra Collaboration ZCS 10.0 and 10.1. An XML External Entity XXE vulnerability exists in the Zimbra Exchange Web Services EWS SOAP interface due to improper handling of XML input. An authenticated attacker can submit crafted XML data that is processed by an XML parser...

5.8AI score0.00234EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/03/20 12:0 a.m.4 views

CVE-2026-33371

An issue was discovered in Zimbra Collaboration ZCS 10.0 and 10.1. An XML External Entity XXE vulnerability exists in the Zimbra Exchange Web Services EWS SOAP interface due to improper handling of XML input. An authenticated attacker can submit crafted XML data that is processed by an XML parser...

5.8AI score0.00234EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/03/20 12:0 a.m.26 views

CVE-2026-33371

An issue was discovered in Zimbra Collaboration ZCS 10.0 and 10.1. An XML External Entity XXE vulnerability exists in the Zimbra Exchange Web Services EWS SOAP interface due to improper handling of XML input. An authenticated attacker can submit crafted XML data that is processed by an XML parser...

0.00234EPSS
Exploits0References4
CVE
CVE
added 2026/03/20 12:0 a.m.17 views

CVE-2026-33371

CVE-2026-33371 affects Zimbra Collaboration (ZCS) 10.0 and 10.1. The issue is an XML External Entity (XXE) vulnerability in the Zimbra Exchange Web Services (EWS) SOAP interface caused by improper handling of XML input. An authenticated attacker can submit crafted XML data that is processed by a ...

4.3CVSS5.8AI score0.00234EPSS
Exploits0References4Affected Software1
CNNVD
CNNVD
added 2026/03/20 12:0 a.m.8 views

Zimbra Collaboration 安全漏洞

Zimbra Collaboration is an open-source enterprise-level email and collaboration platform developed by Zimbra Corporation. It supports email, calendar, document management, and team collaboration features. Versions 10.0 and 10.1 of Zimbra Collaboration contain security vulnerabilities. These...

4.3CVSS5.8AI score0.00234EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.4 views

MiracleLinux 4 : evolution-data-server-2.32.3-18.AXS4 (AXSA:2014-352:01)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2014-352:01 advisory. The evolution-data-server package provides a unified backend for programs that work with contacts, tasks, and calendar information. It was originally develope...

7.5CVSS7.3AI score0.0189EPSS
Exploits0References2
Gitee
Gitee
added 2025/09/14 4:21 p.m.107 views

PrivExchange

This is a proof-of-concept PoC tool for abusing Microsoft Exchange to obtain Domain Admin privileges. The tool, named PrivExchange, requires the Impacket library and can be used to subscribe to push notifications on Exchange Web Services, which will make Exchange connect back to the attacker and...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2023/05/25 1:39 p.m.5 views

New PowerExchange Backdoor Used in Iranian Cyber Attack on UAE Government

An unnamed government entity associated with the United Arab Emirates U.A.E. was targeted by a likely Iranian threat actor to breach the victim's Microsoft Exchange Server with a "simple yet effective" backdoor dubbed PowerExchange. According to a new report from Fortinet FortiGuard Labs, the...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2023/05/25 1:39 p.m.99 views

New PowerExchange Backdoor Used in Iranian Cyber Attack on UAE Government

An unnamed government entity associated with the United Arab Emirates U.A.E. was targeted by a likely Iranian threat actor to breach the victim's Microsoft Exchange Server with a "simple yet effective" backdoor dubbed PowerExchange. According to a new report from Fortinet FortiGuard Labs, the...

7.6AI score
Exploits0
Veeam
Veeam
added 2021/08/18 12:0 a.m.20 views

How to Temporarily Disable Exchange Web Services Throttling

Purpose This article documents how to temporarily disable Exchange Web Services API throttling, potentially improving Exchange backup performance in Veeam Backup for Microsoft 365. Note: Throttling may only be disabled temporarily; this should be sufficient to allow Veeam Backup for Microsoft 365...

6.7AI score
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2021/06/17 8:31 a.m.33 views

Security Bulletin: A vulnerability have been identified in Apache Commons IO shipped with IBM Tivoli Netcool/OMNIbus Probe for Microsoft Exchange Web Services (CVE-2021-29425)

Summary Apache Commons IO is a dependency component shipped with the IBM Tivoli Netcool/OMNIbus Probe for Microsoft Exchange Web Services. Information about the security vulnerability affecting Apache Commons IO has been published. CVE-2021-29425 Vulnerability Details CVEID: CVE-2021-29425...

5.8CVSS1.3AI score0.10608EPSS
Exploits1Affected Software1
ThreatPost
ThreatPost
added 2021/01/12 6:35 p.m.23 views

Mimecast Certificate Hacked in Supply-Chain Attack

A Mimecast-issued certificate used to authenticate some of the company’s products to Microsoft 365 Exchange Web Services has been “compromised by a sophisticated threat actor,” the company has announced. Mimecast provides email security services that customers can apply to their Microsoft 365...

Exploits0References7
Tenable Nessus
Tenable Nessus
added 2020/02/11 12:0 a.m.171 views

Security Updates for Exchange (February 2020)

The Microsoft Exchange Server installed on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities : - An elevation of privilege vulnerability exists in Microsoft Exchange Server. An attacker who successfully exploited this vulnerability could gain the...

9CVSS9.4AI score0.99965EPSS
Exploits30References5
Tenable Nessus
Tenable Nessus
added 2019/02/12 12:0 a.m.335 views

Security Updates for Exchange (February 2019)

The Microsoft Exchange Server installed on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities : - Multiple Vulnerabilites with the included libraries from Oracle Outside. CVE-2018-18223, CVE-2018-18224, CVE-2018-3147, CVE-2018-3217, CVE-2018-3218,...

9.3CVSS6.4AI score0.23799EPSS
Exploits2References28
Rows per page
Query Builder