An issue exists in Synacor Zimbra Collaboration Suite 8.6.x prior to 8.6.0 Patch 11, 8.7.x prior to 8.7.11 Patch 6, 8.8.x prior to 8.8.8 Patch 9, and 8.8.9 prior to 8.8.9 Patch 3. Account number enumeration is possible via inconsistent responses for specific types of authentication requests.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
synacor zimbra collaboration suite 8.7.11 |
||
synacor zimbra collaboration suite |
||
synacor zimbra collaboration suite 8.8.9 |
||
synacor zimbra collaboration suite 8.6.0 |
||
synacor zimbra collaboration suite 8.8.8 |