Synacor Zimbra Collaboration Suite

Due to an issue with incorrect sudo permissions, Zimbra Collaboration Suite (ZCS) suffers

CVE-2022-3569 7.8 - High - October 17, 2022

Due to an issue with incorrect sudo permissions, Zimbra Collaboration Suite (ZCS) suffers from a local privilege escalation issue in versions 9.0.0 and prior, where the 'zimbra' user can effectively coerce postfix into running arbitrary commands as 'root'.

A reflected cross-site scripting (XSS) vulnerability in the zimbraAdmin/public/secureRequest.jsp component of Zimbra Collaboration 8.8.12

CVE-2020-18984 6.1 - Medium - December 15, 2021

A reflected cross-site scripting (XSS) vulnerability in the zimbraAdmin/public/secureRequest.jsp component of Zimbra Collaboration 8.8.12 allows unauthenticated attackers to execute arbitrary web scripts or HTML via a host header injection.

XSS

An issue in /domain/service/.ewell-known/caldav of Zimbra Collaboration 8.8.12

CVE-2020-18985 6.1 - Medium - December 15, 2021

An issue in /domain/service/.ewell-known/caldav of Zimbra Collaboration 8.8.12 allows attackers to redirect users to any arbitrary website of their choosing.

Open Redirect

An XSS vulnerability exists in the Webmail component of Zimbra Collaboration Suite before 8.8.15 Patch 11

CVE-2020-13653 6.1 - Medium - July 02, 2020

An XSS vulnerability exists in the Webmail component of Zimbra Collaboration Suite before 8.8.15 Patch 11. It allows an attacker to inject executable JavaScript into the account name of a user's profile. The injected code can be reflected and executed when changing an e-mail signature.

XSS

Zimbra before 8.8.15 Patch 10 and 9.x before 9.0.0 Patch 3 allows remote code execution via an avatar file

CVE-2020-12846 8 - High - June 03, 2020

Zimbra before 8.8.15 Patch 10 and 9.x before 9.0.0 Patch 3 allows remote code execution via an avatar file. There is potential abuse of /service/upload servlet in the webmail subsystem. A user can upload executable files (exe,sh,bat,jar) in the Contact section of the mailbox as an avatar image for a contact. A user will receive a "Corrupt File" error, but the file is still uploaded and stored locally in /opt/zimbra/data/tmp/upload/, leaving it open to possible remote execution.

Unrestricted File Upload

Zimbra Collaboration Suite (ZCS) before 8.8.15 Patch 7

CVE-2020-7796 9.8 - Critical - February 18, 2020

Zimbra Collaboration Suite (ZCS) before 8.8.15 Patch 7 allows SSRF when WebEx zimlet is installed and zimlet JSP is enabled.

XSPA

An issue was discovered in Zimbra Collaboration Suite (ZCS) before 8.8.15 Patch 7

CVE-2020-8633 5.3 - Medium - February 18, 2020

An issue was discovered in Zimbra Collaboration Suite (ZCS) before 8.8.15 Patch 7. When grantors revoked a shared calendar in Outlook, the calendar stayed mounted and accessible.

Improper Preservation of Permissions

There is a Persistent XSS vulnerability in the briefcase component of Synacor Zimbra Collaboration Suite (ZCS) Zimbra Web Client (ZWC) 8.8.8 before 8.8.8 Patch 7 and 8.8.9 before 8.8.9 Patch 1.

CVE-2018-14425 6.1 - Medium - May 30, 2019

There is a Persistent XSS vulnerability in the briefcase component of Synacor Zimbra Collaboration Suite (ZCS) Zimbra Web Client (ZWC) 8.8.8 before 8.8.8 Patch 7 and 8.8.9 before 8.8.9 Patch 1.

XSS

Synacor Zimbra Admin UI in Zimbra Collaboration Suite before 8.8.0 beta 2 has Persistent XSS

CVE-2018-10948 4.8 - Medium - May 30, 2019

Synacor Zimbra Admin UI in Zimbra Collaboration Suite before 8.8.0 beta 2 has Persistent XSS via mail addrs.

XSS

An issue was discovered in Synacor Zimbra Collaboration Suite 8.6.x before 8.6.0 Patch 11

CVE-2018-15131 5.3 - Medium - May 30, 2019

An issue was discovered in Synacor Zimbra Collaboration Suite 8.6.x before 8.6.0 Patch 11, 8.7.x before 8.7.11 Patch 6, 8.8.x before 8.8.8 Patch 9, and 8.8.9 before 8.8.9 Patch 3. Account number enumeration is possible via inconsistent responses for specific types of authentication requests.

Information Disclosure

Synacor Zimbra Collaboration Suite Collaboration before 8.8.11 has XSS in the AJAX and html web clients.

CVE-2018-14013 6.1 - Medium - May 29, 2019

Synacor Zimbra Collaboration Suite Collaboration before 8.8.11 has XSS in the AJAX and html web clients.

XSS

Synacor Zimbra Collaboration Suite 8.7.x through 8.8.11

CVE-2019-6980 9.8 - Critical - May 29, 2019

Synacor Zimbra Collaboration Suite 8.7.x through 8.8.11 allows insecure object deserialization in the IMAP component.

Marshaling, Unmarshaling

Zimbra Collaboration Suite 8.7.x through 8.8.11

CVE-2019-6981 6.5 - Medium - May 29, 2019

Zimbra Collaboration Suite 8.7.x through 8.8.11 allows Blind SSRF in the Feed component.

XSPA

mailboxd component in Synacor Zimbra Collaboration Suite 8.7.x before 8.7.11p10 has an XML External Entity injection (XXE) vulnerability

CVE-2019-9670 9.8 - Critical - May 29, 2019

mailboxd component in Synacor Zimbra Collaboration Suite 8.7.x before 8.7.11p10 has an XML External Entity injection (XXE) vulnerability, as demonstrated by Autodiscover/Autodiscover.xml.

XXE

mailboxd component in Synacor Zimbra Collaboration Suite 8.6

CVE-2018-18631 6.1 - Medium - May 29, 2019

mailboxd component in Synacor Zimbra Collaboration Suite 8.6, 8.7 before 8.7.11 Patch 7, and 8.8 before 8.8.10 Patch 2 has Persistent XSS.

XSS

ZxChat (aka ZeXtras Chat), as used for zimbra-chat and zimbra-talk in Synacor Zimbra Collaboration Suite 8.7 and 8.8 and in other products

CVE-2018-20160 9.8 - Critical - May 29, 2019

ZxChat (aka ZeXtras Chat), as used for zimbra-chat and zimbra-talk in Synacor Zimbra Collaboration Suite 8.7 and 8.8 and in other products, allows XXE attacks, as demonstrated by a crafted XML request to mailboxd.

XXE

Zimbra Collaboration before 8.8.10 GA

CVE-2018-17938 5.3 - Medium - October 03, 2018

Zimbra Collaboration before 8.8.10 GA allows text content spoofing via a loginErrorCode value.

Insufficient Verification of Data Authenticity

Zimbra Web Client (ZWC) in Zimbra Collaboration Suite 8.8 before 8.8.8.Patch4 and 8.7 before 8.7.11.Patch4 has Persistent XSS

CVE-2018-10939 6.1 - Medium - May 30, 2018

Zimbra Web Client (ZWC) in Zimbra Collaboration Suite 8.8 before 8.8.8.Patch4 and 8.7 before 8.7.11.Patch4 has Persistent XSS via a contact group.

XSS

Cross-site request forgery (CSRF) vulnerability in the login form in Zimbra Collaboration Suite (aka ZCS) before 8.6.0 Patch 10, 8.7.x before 8.7.11 Patch 2, and 8.8.x before 8.8.8 Patch 1

CVE-2015-7610 8.8 - High - May 30, 2018

Cross-site request forgery (CSRF) vulnerability in the login form in Zimbra Collaboration Suite (aka ZCS) before 8.6.0 Patch 10, 8.7.x before 8.7.11 Patch 2, and 8.8.x before 8.8.8 Patch 1 allows remote attackers to hijack the authentication of unspecified victims by leveraging failure to use a CSRF token.

Session Riding

mailboxd in Zimbra Collaboration Suite 8.8 before 8.8.8; 8.7 before 8.7.11.Patch3; and 8.6 before 8.6.0.Patch10

CVE-2018-10950 5.3 - Medium - May 10, 2018

mailboxd in Zimbra Collaboration Suite 8.8 before 8.8.8; 8.7 before 8.7.11.Patch3; and 8.6 before 8.6.0.Patch10 allows Information Exposure through Verbose Error Messages containing a stack dump, tracing data, or full user-context dump.

Information Disclosure

mailboxd in Zimbra Collaboration Suite 8.8 before 8.8.8; 8.7 before 8.7.11.Patch3; and 8.6

CVE-2018-10949 5.3 - Medium - May 10, 2018

mailboxd in Zimbra Collaboration Suite 8.8 before 8.8.8; 8.7 before 8.7.11.Patch3; and 8.6 allows Account Enumeration by leveraging a Discrepancy between the "HTTP 404 - account is not active" and "HTTP 401 - must authenticate" errors.

Side Channel Attack

mailboxd in Zimbra Collaboration Suite 8.8 before 8.8.8; 8.7 before 8.7.11.Patch3; and 8.6 before 8.6.0.Patch10

CVE-2018-10951 6.5 - Medium - May 10, 2018

mailboxd in Zimbra Collaboration Suite 8.8 before 8.8.8; 8.7 before 8.7.11.Patch3; and 8.6 before 8.6.0.Patch10 allows zimbraSSLPrivateKey read access via a GetServer, GetAllServers, or GetAllActiveServers call in the Admin SOAP API.

Cross-site scripting (XSS) vulnerability in the ZmMailMsgView.getAttachmentLinkHtml function in Zimbra Collaboration Suite (ZCS) before 8.7 Patch 1 and 8.8.x before 8.8.7 might

CVE-2018-6882 6.1 - Medium - March 27, 2018

Cross-site scripting (XSS) vulnerability in the ZmMailMsgView.getAttachmentLinkHtml function in Zimbra Collaboration Suite (ZCS) before 8.7 Patch 1 and 8.8.x before 8.8.7 might allow remote attackers to inject arbitrary web script or HTML via a Content-Location header in an email attachment.

XSS

Cross-site scripting (XSS) vulnerability in Zimbra Collaboration Suite (ZCS) before 8.7.1

CVE-2017-7288 6.1 - Medium - May 23, 2017

Cross-site scripting (XSS) vulnerability in Zimbra Collaboration Suite (ZCS) before 8.7.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

XSS

Directory traversal vulnerability in Zimbra Collaboration Suite (aka ZCS) before 8.7.6

CVE-2017-6821 9.8 - Critical - May 23, 2017

Directory traversal vulnerability in Zimbra Collaboration Suite (aka ZCS) before 8.7.6 allows attackers to have unspecified impact via unknown vectors.

Directory traversal

A service provided by Zimbra Collaboration Suite (ZCS) before 8.7.6 fails to require needed privileges before performing a few requested operations.

CVE-2017-6813 9.8 - Critical - May 23, 2017

A service provided by Zimbra Collaboration Suite (ZCS) before 8.7.6 fails to require needed privileges before performing a few requested operations.

Multiple cross-site request forgery (CSRF) vulnerabilities in the Admin Console in Zimbra Collaboration before 8.6.0 Patch 8 allow remote attackers to hijack the authentication of administrators for requests

CVE-2016-3403 8.8 - High - May 17, 2017

Multiple cross-site request forgery (CSRF) vulnerabilities in the Admin Console in Zimbra Collaboration before 8.6.0 Patch 8 allow remote attackers to hijack the authentication of administrators for requests that (1) add, (2) modify, or (3) remove accounts by leveraging failure to use of a CSRF token and perform referer header checks, aka bugs 100885 and 100899.

Session Riding

Zimbra Collaboration Suite (ZCS) before 8.7.4

CVE-2016-9924 9.8 - Critical - March 29, 2017

Zimbra Collaboration Suite (ZCS) before 8.7.4 allows remote attackers to conduct XML External Entity (XXE) attacks.

XXE

Multiple cross-site scripting (XSS) vulnerabilities in Zimbra Collaboration before 8.7.0

CVE-2016-3410 6.1 - Medium - January 18, 2017

Multiple cross-site scripting (XSS) vulnerabilities in Zimbra Collaboration before 8.7.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka bugs 103956, 103995, 104475, 104838, and 104839.

XSS

Unspecified vulnerability in Zimbra Collaboration before 8.7.0

CVE-2016-3401 6.5 - Medium - January 18, 2017

Unspecified vulnerability in Zimbra Collaboration before 8.7.0 allows remote authenticated users to affect integrity via unknown vectors, aka bug 99810.

Unspecified vulnerability in Zimbra Collaboration before 8.7.0

CVE-2016-3402 7.5 - High - January 18, 2017

Unspecified vulnerability in Zimbra Collaboration before 8.7.0 allows remote attackers to affect confidentiality via unknown vectors, aka bug 99167.

Unspecified vulnerability in Zimbra Collaboration before 8.7.0

CVE-2016-3404 7.5 - High - January 18, 2017

Unspecified vulnerability in Zimbra Collaboration before 8.7.0 allows remote attackers to affect integrity via unknown vectors, aka bug 103959.

Multiple unspecified vulnerabilities in Zimbra Collaboration before 8.7.0

CVE-2016-3405 7.5 - High - January 18, 2017

Multiple unspecified vulnerabilities in Zimbra Collaboration before 8.7.0 allow remote attackers to affect integrity via unknown vectors, aka bugs 103961 and 104828.

Multiple cross-site request forgery (CSRF) vulnerabilities in Zimbra Collaboration before 8.7.0

CVE-2016-3406 8.8 - High - January 18, 2017

Multiple cross-site request forgery (CSRF) vulnerabilities in Zimbra Collaboration before 8.7.0 allow remote attackers to hijack the authentication of unspecified victims via vectors involving (1) the Client uploader extension or (2) extension REST handlers, aka bugs 104294 and 104456.

Session Riding

Multiple cross-site scripting (XSS) vulnerabilities in Zimbra Collaboration before 8.7.0

CVE-2016-3407 6.1 - Medium - January 18, 2017

Multiple cross-site scripting (XSS) vulnerabilities in Zimbra Collaboration before 8.7.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka bugs 104222, 104910, 105071, and 105175.

XSS

Cross-site scripting (XSS) vulnerability in Zimbra Collaboration before 8.7.0

CVE-2016-3408 6.1 - Medium - January 18, 2017

Cross-site scripting (XSS) vulnerability in Zimbra Collaboration before 8.7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka bug 101813.

XSS

Cross-site scripting (XSS) vulnerability in Zimbra Collaboration before 8.7.0

CVE-2016-3409 6.1 - Medium - January 18, 2017

Cross-site scripting (XSS) vulnerability in Zimbra Collaboration before 8.7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka bug 102637.

XSS

Cross-site scripting (XSS) vulnerability in Zimbra Collaboration before 8.7.0

CVE-2016-3411 6.1 - Medium - January 18, 2017

Cross-site scripting (XSS) vulnerability in Zimbra Collaboration before 8.7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka bug 103609.

XSS

Multiple cross-site scripting (XSS) vulnerabilities in Zimbra Collaboration before 8.7.0

CVE-2016-3412 6.1 - Medium - January 18, 2017

Multiple cross-site scripting (XSS) vulnerabilities in Zimbra Collaboration before 8.7.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka bugs 103997, 104413, 104414, 104777, and 104791.

XSS

Unspecified vulnerability in Zimbra Collaboration before 8.7.0

CVE-2016-3413 7.5 - High - January 18, 2017

Unspecified vulnerability in Zimbra Collaboration before 8.7.0 allows remote attackers to affect integrity via unknown vectors, aka bug 103996.

Unspecified vulnerability in Zimbra Collaboration before 8.6.0 Patch 7

CVE-2016-3414 6.5 - Medium - January 18, 2017

Unspecified vulnerability in Zimbra Collaboration before 8.6.0 Patch 7 allows remote authenticated users to affect availability via unknown vectors, aka bug 102029.

Zimbra Collaboration before 8.7.0

CVE-2016-3415 9.1 - Critical - January 18, 2017

Zimbra Collaboration before 8.7.0 allows remote attackers to conduct deserialization attacks via unspecified vectors, aka bug 102276.

Marshaling, Unmarshaling

Multiple cross-site scripting (XSS) vulnerabilities in Zimbra Collaboration before 8.7.0

CVE-2016-3999 6.1 - Medium - January 18, 2017

Multiple cross-site scripting (XSS) vulnerabilities in Zimbra Collaboration before 8.7.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka bugs 104552 and 104703.

XSS

Unspecified vulnerability in Zimbra Collaboration before 8.7.0

CVE-2016-4019 7.5 - High - January 18, 2017

Unspecified vulnerability in Zimbra Collaboration before 8.7.0 allows remote attackers to affect integrity via unknown vectors, aka bug 104477.

Directory traversal vulnerability in /res/I18nMsg,AjxMsg,ZMsg,ZmMsg,AjxKeys,ZmKeys,ZdMsg,Ajx%20TemplateMsg.js.zgz in Zimbra 7.2.2 and 8.0.2

CVE-2013-7091 - December 13, 2013

Directory traversal vulnerability in /res/I18nMsg,AjxMsg,ZMsg,ZmMsg,AjxKeys,ZmKeys,ZdMsg,Ajx%20TemplateMsg.js.zgz in Zimbra 7.2.2 and 8.0.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the skin parameter. NOTE: this can be leveraged to execute arbitrary code by obtaining LDAP credentials and accessing the service/admin/soap API.

Directory traversal

Zimbra Collaboration Suite (ZCS) 6.0.16 and earlier

CVE-2013-5119 - September 23, 2013

Zimbra Collaboration Suite (ZCS) 6.0.16 and earlier allows man-in-the-middle attackers to obtain access by sniffing the network and replaying the ZM_AUTH_TOKEN token.

authentification