Описание
mailboxd in Zimbra Collaboration Suite 8.8 before 8.8.8; 8.7 before 8.7.11.Patch3; and 8.6 before 8.6.0.Patch10 allows zimbraSSLPrivateKey read access via a GetServer, GetAllServers, or GetAllActiveServers call in the Admin SOAP API.
Ссылки
- Issue Tracking
- Issue Tracking
Уязвимые конфигурации
Конфигурация 1Версия от 8.7.0 (включая) до 8.7.11 (включая)Версия от 8.8.0 (включая) до 8.8.8 (исключая)
Одно из
cpe:2.3:a:synacor:zimbra_collaboration_suite:*:*:*:*:*:*:*:*
cpe:2.3:a:synacor:zimbra_collaboration_suite:*:*:*:*:*:*:*:*
cpe:2.3:a:synacor:zimbra_collaboration_suite:8.6.0:-:*:*:*:*:*:*
cpe:2.3:a:synacor:zimbra_collaboration_suite:8.6.0:patch1:*:*:*:*:*:*
cpe:2.3:a:synacor:zimbra_collaboration_suite:8.6.0:patch2:*:*:*:*:*:*
cpe:2.3:a:synacor:zimbra_collaboration_suite:8.6.0:patch3:*:*:*:*:*:*
cpe:2.3:a:synacor:zimbra_collaboration_suite:8.6.0:patch4:*:*:*:*:*:*
cpe:2.3:a:synacor:zimbra_collaboration_suite:8.6.0:patch5:*:*:*:*:*:*
cpe:2.3:a:synacor:zimbra_collaboration_suite:8.6.0:patch6:*:*:*:*:*:*
cpe:2.3:a:synacor:zimbra_collaboration_suite:8.6.0:patch7:*:*:*:*:*:*
cpe:2.3:a:synacor:zimbra_collaboration_suite:8.6.0:patch8:*:*:*:*:*:*
cpe:2.3:a:synacor:zimbra_collaboration_suite:8.6.0:patch9:*:*:*:*:*:*
cpe:2.3:a:synacor:zimbra_collaboration_suite:8.7.11:p1:*:*:*:*:*:*
cpe:2.3:a:synacor:zimbra_collaboration_suite:8.7.11:p2:*:*:*:*:*:*
EPSS
Процентиль: 63%
0.00456
Низкий
6.5 Medium
CVSS3
4 Medium
CVSS2
Дефекты
NVD-CWE-noinfo
Связанные уязвимости
CVSS3: 6.5
github
больше 3 лет назад
mailboxd in Zimbra Collaboration Suite 8.8 before 8.8.8; 8.7 before 8.7.11.Patch3; and 8.6 before 8.6.0.Patch10 allows zimbraSSLPrivateKey read access via a GetServer, GetAllServers, or GetAllActiveServers call in the Admin SOAP API.
EPSS
Процентиль: 63%
0.00456
Низкий
6.5 Medium
CVSS3
4 Medium
CVSS2
Дефекты
NVD-CWE-noinfo