Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

synacor zimbra collaboration suite 8.8.11 vulnerabilities and exploits

(subscribe to this query)

4
CVSSv2
CVE-2019-6981
Zimbra Collaboration Suite 8.7.x through 8.8.11 allows Blind SSRF in the Feed component....
Synacor Zimbra Collaboration SuiteSynacor Zimbra Collaboration Suite 8.7.11Synacor Zimbra Collaboration Suite 8.8.9Synacor Zimbra Collaboration Suite 8.8.10Synacor Zimbra Collaboration Suite 8.8.11
7.5
CVSSv2
CVE-2019-6980
Synacor Zimbra Collaboration Suite 8.7.x through 8.8.11 allows insecure object deserialization in the IMAP component....
Synacor Zimbra Collaboration SuiteSynacor Zimbra Collaboration Suite 8.7.11Synacor Zimbra Collaboration Suite 8.8.9Synacor Zimbra Collaboration Suite 8.8.10Synacor Zimbra Collaboration Suite 8.8.11
7.5
CVSSv2
CVE-2018-20160
ZxChat (aka ZeXtras Chat), as used for zimbra-chat and zimbra-talk in Synacor Zimbra Collaboration Suite 8.7 and 8.8 and in other products, allows XXE attacks, as demonstrated by a crafted XML request to mailboxd....
Synacor Zimbra Collaboration SuiteSynacor Zimbra Collaboration Suite 8.7.11Synacor Zimbra Collaboration Suite 8.8.9Synacor Zimbra Collaboration Suite 8.8.10Synacor Zimbra Collaboration Suite 8.8.11
4.3
CVSSv2
CVE-2018-14013
Synacor Zimbra Collaboration Suite Collaboration before 8.8.11 has XSS in the AJAX and html web clients....
Synacor Zimbra Collaboration SuiteSynacor Zimbra Collaboration Suite 8.7.11Synacor Zimbra Collaboration Suite 8.8.9Synacor Zimbra Collaboration Suite 8.8.10Synacor Zimbra Collaboration Suite 8.8.11
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-24686CVE-2021-21298CVE-2021-69420server-side request forgeryCVE-2021-23957microsoftSSTI.netSQLCVE-2021-21273CVE-2021-25281