cvebase

Zimbra Collaboration vulnerabilities

43 known vulnerabilities affecting zimbra/collaboration.

Total CVEs: 43
CISA KEV: 2 (actively exploited)
Public exploits: 2
Exploited in wild: 2
Severity breakdown: CRITICAL 4, HIGH 10, MEDIUM 29

Vulnerabilities

Page 1 of 3
CVE-2024-27443 | P2 | MEDIUM | CVSS 6.1 | KEV | PoC | Affected: ≥ 10.0.0, < 10.0.7; v9.0.0 | 2024-08-12
CVE-2024-27443 [MEDIUM] CWE-79: An issue was discovered in Zimbra Collaboration (ZCS) 9.0 and 10.0. A Cross-Site Scripting (XSS) vulnerability exists in the CalendarInvite feature of the Zimbra webmail classic user interface, because of improper input validation in the handling of the calendar header. An attacker can exploit this via an email message containing a crafted calendar h
Source: nvd
CVE-2025-66376 | P2 | MEDIUM | CVSS 6.1 | KEV | Affected: ≥ 10.0, < 10.0.18; ≥ 10.1, < 10.1.13 | 2026-01-05
CVE-2025-66376 [MEDIUM] CWE-79: Zimbra Collaboration (ZCS) 10 before 10.0.18 and 10.1 before 10.1.13 allows Classic UI stored XSS via Cascading Style Sheets (CSS) @import directives in an HTML e-mail message.
Source: nvd
CVE-2024-45518 | P2 | HIGH | CVSS 8.8 | Affected: ≥ 10.0.0, < 10.0.9; v8.8.15; +2 more | 2024-10-22
CVE-2024-45518 [HIGH] CWE-918: An issue was discovered in Zimbra Collaboration (ZCS) 10.1.x before 10.1.1, 10.0.x before 10.0.9, 9.0.0 before Patch 41, and 8.8.15 before Patch 46. It allows authenticated users to exploit Server-Side Request Forgery (SSRF) due to improper input sanitization and misconfigured domain whitelisting. This issue permits unauthorized HTTP requests to be se
Source: nvd
CVE-2022-37393 | P3 | HIGH | CVSS 7.8 | PoC | Affected: v8.7.6; v8.7.7; +16 more | 2022-08-16
CVE-2022-37393 [HIGH] CWE-284: Zimbra's sudo configuration permits the zimbra user to execute the zmslapd binary as root with arbitrary parameters. As part of its intended functionality, zmslapd can load a user-defined configuration file, which includes plugins in the form of .so files, which also execute as root.
Source: nvd
CVE-2023-34193 | P3 | HIGH | CVSS 8.8 | Affected: v8.8.15 | 2023-07-06
CVE-2023-34193 [HIGH] CWE-434: File Upload vulnerability in Zimbra ZCS 8.8.15 allows an authenticated privileged user to execute arbitrary code and obtain sensitive information via the ClientUploader function.
Source: nvd
CVE-2021-35209 | P3 | CRITICAL | CVSS 9.8 | Affected: ≥ 8.8, < 8.8.15; v8.8.15; +1 more | 2021-07-02
CVE-2021-35209 [CRITICAL] CWE-918: An issue was discovered in ProxyServlet.java in the /proxy servlet in Zimbra Collaboration Suite 8.8 before 8.8.15 Patch 23 and 9.x before 9.0.0 Patch 16. The value of the X-Host header overwrites the value of the Host header in proxied requests. The value of X-Host header is not checked against the whitelist of hosts Zimbra is allowed to proxy to
Source: nvd
CVE-2022-32294 | P3 | CRITICAL | CVSS 9.8 | Affected: v8.8.15 | 2022-07-11
CVE-2022-32294 [CRITICAL] CWE-863: Zimbra Collaboration Open Source 8.8.15 does not encrypt the initial-login randomly created password (from the "zmprove ca" command). It is visible in cleartext on port UDP 514 (aka the syslog port). NOTE: a third party reports that this cannot be reproduced.
Source: nvd
CVE-2023-29382 | P3 | CRITICAL | CVSS 9.8 | Affected: v8.8.15; v9.0.0 | 2023-07-06
CVE-2023-29382 [CRITICAL] CWE-94: An issue in Zimbra Collaboration ZCS v.8.8.15 and v.9.0 allows an attacker to execute arbitrary code via the sfdc_preauth.jsp component.
Source: nvd
CVE-2023-29381 | P3 | CRITICAL | CVSS 9.8 | Affected: v8.8.15; v9.0.0 | 2023-07-06
CVE-2023-29381 [CRITICAL] CWE-863: An issue in Zimbra Collaboration (ZCS) v.8.8.15 and v.9.0 allows a remote attacker to escalate privileges and obtain sensitive information via the password and 2FA parameters.
Source: nvd
CVE-2024-27442 | P3 | HIGH | CVSS 7.8 | Affected: ≥ 10.0.0, < 10.0.7; v9.0.0 | 2024-08-12
CVE-2024-27442 [HIGH] CWE-755: An issue was discovered in Zimbra Collaboration (ZCS) 9.0 and 10.0. The zmmailboxdmgr binary, a component of ZCS, is intended to be executed by the zimbra user with root privileges for specific mailbox operations. However, an attacker can escalate privileges from the zimbra user to root, because of improper handling of input arguments. An attacker can
Source: nvd
CVE-2022-41347 | P3 | HIGH | CVSS 7.8 | Affected: v8.8.15; v9.0.0 | 2022-09-26
CVE-2022-41347 [HIGH]: An issue was discovered in Zimbra Collaboration (ZCS) 8.8.x and 9.x (e.g., 8.8.15). The Sudo configuration permits the zimbra user to execute the NGINX binary as root with arbitrary parameters. As part of its intended functionality, NGINX can load a user-defined configuration file, which includes plugins in the form of .so files, which also execute as root.
Source: nvd
CVE-2024-33535 | P3 | HIGH | CVSS 7.5 | Affected: ≥ 10.0.0, < 10.0.8; v9.0.0 | 2024-08-12
CVE-2024-33535 [HIGH] CWE-22: An issue was discovered in Zimbra Collaboration (ZCS) 9.0 and 10.0. The vulnerability involves unauthenticated local file inclusion (LFI) in a web application, specifically impacting the handling of the packages parameter. Attackers can exploit this flaw to include arbitrary local files without authentication, potentially leading to unauthorized access
Source: nvd
CVE-2023-24032 | P3 | HIGH | CVSS 7.8 | Affected: v8.8.15; v9.0.0 | 2023-06-15
CVE-2023-24032 [HIGH] CWE-77: In Zimbra Collaboration Suite through 9.0 and 8.8.15, an attacker (who has initial user access to a Zimbra server instance) can execute commands as root by passing one of JVM arguments, leading to local privilege escalation (LPE).
Source: nvd
CVE-2023-41106 | P3 | HIGH | CVSS 7.5 | Affected: fixed in 8.8.15; ≥ 10.0.0, < 10.0.3; +2 more | 2023-12-07
CVE-2023-41106 [HIGH]: An issue was discovered in Zimbra Collaboration (ZCS) before 10.0.3. An attacker can gain access to a Zimbra account. This is also fixed in 9.0.0 Patch 35 and 8.8.15 Patch 42.
Source: nvd
CVE-2022-45912 | P3 | HIGH | CVSS 7.2 | Affected: v8.8.15; v9.0.0 | 2022-12-05
CVE-2022-45912 [HIGH] CWE-434: An issue was discovered in Zimbra Collaboration (ZCS) 8.8.15 and 9.0. Remote code execution can occur through ClientUploader by an authenticated admin user. An authenticated admin user can upload files through the ClientUploader utility, and traverse to any other directory for remote code execution.
Source: nvd
CVE-2022-37041 | P3 | HIGH | CVSS 7.5 | Affected: v8.8.15; v9.0.0 | 2022-08-12
CVE-2022-37041 [HIGH] CWE-918: An issue was discovered in ProxyServlet.java in the /proxy servlet in Zimbra Collaboration Suite (ZCS) 8.8.15 and 9.0. The value of the X-Forwarded-Host header overwrites the value of the Host header in proxied requests. The value of X-Forwarded-Host header is not checked against the whitelist of hosts that ZCS is allowed to proxy to (the zimbraProxyA
Source: nvd
CVE-2020-35123 | P3 | MEDIUM | CVSS 6.5 | Affected: fixed in 8.8.15; v8.8.15; +1 more | 2020-12-17
CVE-2020-35123 [MEDIUM] CWE-611: In Zimbra Collaboration Suite Network Edition versions < 9.0.0 P10 and 8.8.15 P17, there exists an XXE vulnerability in the saml consumer store extension, which is vulnerable to XXE attacks. This has been fixed in Zimbra Collaboration Suite Network edition 9.0.0 Patch 10 and 8.8.15 Patch 17.
Source: nvd
CVE-2023-26562 | P3 | MEDIUM | CVSS 6.5 | Affected: v8.8.15; v9.0.0 | 2024-02-13
CVE-2023-26562 [MEDIUM] CWE-862: In Zimbra Collaboration (ZCS) 8.8.15 and 9.0, a closed account (with 2FA and generated passwords) can send e-mail messages when configured for Imap/smtp.
Source: nvd
CVE-2021-35207 | P4 | MEDIUM | CVSS 6.1 | Affected: ≥ 8.8, < 8.8.15; v8.8.15; +1 more | 2021-07-02
CVE-2021-35207 [MEDIUM] CWE-79: An issue was discovered in Zimbra Collaboration Suite 8.8 before 8.8.15 Patch 23 and 9.0 before 9.0.0 Patch 16. An XSS vulnerability exists in the login component of Zimbra Web Client, in which an attacker can execute arbitrary JavaScript by adding executable JavaScript to the loginErrorCode parameter of the login url.
Source: nvd
CVE-2023-45207 | P4 | MEDIUM | CVSS 6.1 | Affected: ≥ 10.0.0, < 10.0.5; v8.8.15; +1 more | 2024-02-13
CVE-2023-45207 [MEDIUM] CWE-79: An issue was discovered in Zimbra Collaboration (ZCS) 8.8.15, 9.0, and 10.0. An attacker can send a PDF document through mail that contains malicious JavaScript. While previewing this file in webmail in the Chrome browser, the stored XSS payload is executed. (This has been mitigated by sanitising the JavaScript code present in a PDF document.)
Source: nvd