Collaboration Security Vulnerabilities and Issues — Collaboration CVE List

Lucene search

ZimbraCollaboration

16 matches found

CVE•added 2022/08/12 3:15 p.m.•1050 views

CVE-2022-37042

Zimbra Collaboration Suite (ZCS) 8.8.15 and 9.0 has mboximport functionality that receives a ZIP archive and extracts files from it. By bypassing authentication (i.e., not having an authtoken), an attacker can upload arbitrary files to the system, leading to directory traversal and remote code exec...

9.8CVSS9AI score0.94306EPSS

CVE•added 2022/02/09 4:15 a.m.•1044 views

CVE-2022-24682

An issue was discovered in the Calendar feature in Zimbra Collaboration Suite 8.8.x before 8.8.15 patch 30 (update 1), as exploited in the wild starting in December 2021. An attacker could place HTML containing executable JavaScript inside element attributes. This markup becomes unescaped, causing ...

6.1CVSS6.3AI score0.77845EPSS

CVE•added 2022/04/21 12:15 a.m.•881 views

CVE-2022-27924

Zimbra Collaboration (aka ZCS) 8.8.15 and 9.0 allows an unauthenticated attacker to inject arbitrary memcache commands into a targeted instance. These memcache commands becomes unescaped, causing an overwrite of arbitrary cached entries.

7.5CVSS7.8AI score0.61782EPSS

CVE•added 2022/09/26 2:15 a.m.•878 views

CVE-2022-41352

An issue was discovered in Zimbra Collaboration (ZCS) 8.8.15 and 9.0. An attacker can upload arbitrary files through amavis via a cpio loophole (extraction to /opt/zimbra/jetty/webapps/zimbra/public) that can lead to incorrect access to any other user accounts. Zimbra recommends pax over cpio. Also...

9.8CVSS9.4AI score0.81526EPSS

CVE•added 2022/04/21 12:15 a.m.•539 views

CVE-2022-27926

A reflected cross-site scripting (XSS) vulnerability in the /public/launchNewWindow.jsp component of Zimbra Collaboration (aka ZCS) 9.0 allows unauthenticated attackers to execute arbitrary web script or HTML via request parameters.

6.1CVSS6AI score0.94285EPSS

CVE•added 2022/08/16 8:15 p.m.•201 views

CVE-2022-37393

Zimbra's sudo configuration permits the zimbra user to execute the zmslapd binary as root with arbitrary parameters. As part of its intended functionality, zmslapd can load a user-defined configuration file, which includes plugins in the form of .so files, which also execute as root.

7.8CVSS8.7AI score0.03483EPSS

CVE•added 2022/10/12 8:15 p.m.•75 views

CVE-2022-41348

An issue was discovered in Zimbra Collaboration (ZCS) 9.0. XSS can occur via the onerror attribute of an IMG element, leading to information disclosure.

6.1CVSS5.7AI score0.00451EPSS

CVE•added 2022/09/26 2:15 a.m.•69 views

CVE-2022-41347

An issue was discovered in Zimbra Collaboration (ZCS) 8.8.x and 9.x (e.g., 8.8.15). The Sudo configuration permits the zimbra user to execute the NGINX binary as root with arbitrary parameters. As part of its intended functionality, NGINX can load a user-defined configuration file, which includes p...

7.8CVSS7.7AI score0.00076EPSS

CVE•added 2022/08/12 3:15 p.m.•66 views

CVE-2022-37043

An issue was discovered in the webmail component in Zimbra Collaboration Suite (ZCS) 8.8.15 and 9.0. When using preauth, CSRF tokens are not checked on some POST endpoints. Thus, when an authenticated user views an attacker-controlled page, a request will be sent to the application that appears to ...

5.7CVSS6.3AI score0.00185EPSS

CVE•added 2022/07/11 3:15 a.m.•64 views

CVE-2022-32294

Zimbra Collaboration Open Source 8.8.15 does not encrypt the initial-login randomly created password (from the "zmprove ca" command). It is visible in cleartext on port UDP 514 (aka the syslog port). NOTE: a third party reports that this cannot be reproduced.

9.8CVSS9.4AI score0.02171EPSS

CVE•added 2022/10/12 8:15 p.m.•59 views

CVE-2022-41349

In Zimbra Collaboration Suite (ZCS) 8.8.15, the URL at /h/compose accepts an attachUrl parameter that is vulnerable to Reflected XSS. This allows executing arbitrary JavaScript on the victim's machine.

6.1CVSS6.2AI score0.00387EPSS

CVE•added 2022/10/12 8:15 p.m.•57 views

CVE-2022-41351

In Zimbra Collaboration Suite (ZCS) 8.8.15, at the URL /h/calendar, one can trigger XSS by adding JavaScript code to the view parameter and changing the value of the uncheck parameter to a string (instead of default value of 10).

6.1CVSS6AI score0.00451EPSS

CVE•added 2022/08/12 3:15 p.m.•53 views

CVE-2022-37041

An issue was discovered in ProxyServlet.java in the /proxy servlet in Zimbra Collaboration Suite (ZCS) 8.8.15 and 9.0. The value of the X-Forwarded-Host header overwrites the value of the Host header in proxied requests. The value of X-Forwarded-Host header is not checked against the whitelist of h...

7.5CVSS7.9AI score0.00163EPSS

CVE•added 2022/12/05 10:15 p.m.•52 views

CVE-2022-45912

An issue was discovered in Zimbra Collaboration (ZCS) 8.8.15 and 9.0. Remote code execution can occur through ClientUploader by an authenticated admin user. An authenticated admin user can upload files through the ClientUploader utility, and traverse to any other directory for remote code execution...

7.2CVSS7.5AI score0.01359EPSS

CVE•added 2022/10/12 8:15 p.m.•49 views

CVE-2022-41350

In Zimbra Collaboration Suite (ZCS) 8.8.15, /h/search?action=voicemail&action=listen accepts a phone parameter that is vulnerable to Reflected XSS. This allows executing arbitrary JavaScript on the victim's machine.

6.1CVSS6.2AI score0.00451EPSS

CVE•added 2022/08/12 3:15 p.m.•44 views

CVE-2022-37044

In Zimbra Collaboration Suite (ZCS) 8.8.15, the URL at /h/search?action accepts parameters called extra, title, and onload that are partially sanitised and lead to reflected XSS that allows executing arbitrary JavaScript on the victim's machine.

6.1CVSS6AI score0.00456EPSS