CVE-2025-54391
A vulnerability in the EnableTwoFactorAuthRequest SOAP endpoint of Zimbra Collaboration ZCS allows an attacker with valid user credentials to bypass Two-Factor Authentication 2FA protection. The attacker can configure an additional 2FA method either a third-party authenticator app or email-based...