In Zimbra Collaboration (ZCS) 8 before 8.8.15 Patch 41, 9 before 9.0.0 Patch 34, and 10 before 10.0.2, internal JSP and XML files can be exposed.
References
Link | Resource |
---|---|
https://wiki.zimbra.com/wiki/Security_Center | Release Notes Vendor Advisory |
https://wiki.zimbra.com/wiki/Zimbra_Responsible_Disclosure_Policy | Not Applicable |
Configurations
Configuration 1 (hide)
|
History
04 Aug 2023, 17:09
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
References | (MISC) https://wiki.zimbra.com/wiki/Zimbra_Responsible_Disclosure_Policy - Not Applicable | |
References | (MISC) https://wiki.zimbra.com/wiki/Security_Center - Release Notes, Vendor Advisory | |
CPE | cpe:2.3:a:zimbra:zimbra:9.0.0:p26:*:*:*:*:*:* cpe:2.3:a:zimbra:zimbra:8.8.15:p32:*:*:*:*:*:* cpe:2.3:a:zimbra:zimbra:8.8.15:p40:*:*:*:*:*:* cpe:2.3:a:zimbra:zimbra:9.0.0:p30:*:*:*:*:*:* cpe:2.3:a:zimbra:zimbra:9.0.0:p31:*:*:*:*:*:* cpe:2.3:a:zimbra:zimbra:8.8.15:p30:*:*:*:*:*:* cpe:2.3:a:zimbra:zimbra:8.8.15:p31:*:*:*:*:*:* cpe:2.3:a:zimbra:zimbra:9.0.0:p25:*:*:*:*:*:* cpe:2.3:a:zimbra:zimbra:9.0.0:p33:*:*:*:*:*:* cpe:2.3:a:zimbra:zimbra:8.8.15:p37:*:*:*:*:*:* cpe:2.3:a:zimbra:zimbra:9.0.0:*:*:*:*:*:*:* cpe:2.3:a:zimbra:zimbra:8.8.15:p11:*:*:*:*:*:* cpe:2.3:a:zimbra:zimbra:9.0.0:p27:*:*:*:*:*:* cpe:2.3:a:zimbra:zimbra:9.0.0:p0:*:*:*:*:*:* cpe:2.3:a:zimbra:zimbra:9.0.0:p4:*:*:*:*:*:* cpe:2.3:a:zimbra:zimbra:9.0.0:p7:*:*:*:*:*:* cpe:2.3:a:zimbra:zimbra:*:*:*:*:*:*:*:* cpe:2.3:a:zimbra:zimbra:8.8.15:p26:*:*:*:*:*:* cpe:2.3:a:zimbra:zimbra:9.0.0:p23:*:*:*:*:*:* cpe:2.3:a:zimbra:zimbra:8.8.15:p33:*:*:*:*:*:* cpe:2.3:a:zimbra:zimbra:8.8.15:p5:*:*:*:*:*:* cpe:2.3:a:zimbra:zimbra:9.0.0:p7.1:*:*:*:*:*:* cpe:2.3:a:zimbra:zimbra:8.8.15:p35:*:*:*:*:*:* cpe:2.3:a:zimbra:zimbra:9.0.0:p28:*:*:*:*:*:* cpe:2.3:a:zimbra:zimbra:10.0.1:*:*:*:*:*:*:* cpe:2.3:a:zimbra:zimbra:8.8.15:p34:*:*:*:*:*:* cpe:2.3:a:zimbra:zimbra:9.0.0:p19:*:*:*:*:*:* cpe:2.3:a:zimbra:zimbra:8.8.15:p3:*:*:*:*:*:* cpe:2.3:a:zimbra:zimbra:8.8.15:p38:*:*:*:*:*:* |
|
First Time |
Zimbra zimbra
Zimbra |
|
CWE | NVD-CWE-noinfo |
31 Jul 2023, 17:30
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-07-31 16:15
Updated : 2024-02-28 20:33
NVD link : CVE-2023-38750
Mitre link : CVE-2023-38750
CVE.ORG link : CVE-2023-38750
JSON object : View
Products Affected
zimbra
- zimbra
CWE