CVE-2019-6980

Опубликовано: 29 мая 2019

Источник: nvd

CVSS3: 9.8

CVSS2: 7.5

EPSS Средний

Описание

Synacor Zimbra Collaboration Suite 8.7.x through 8.8.11 allows insecure object deserialization in the IMAP component.

Ссылки

https://bugzilla.zimbra.com/show_bug.cgi?id=109097
Issue Tracking
Third Party Advisory
https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories
Vendor Advisory
https://bugzilla.zimbra.com/show_bug.cgi?id=109097
Issue Tracking
Third Party Advisory
https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:synacor:zimbra_collaboration_suite:*:*:*:*:*:*:*:*

Версия от 8.7.0 (включая) до 8.7.11 (исключая)

cpe:2.3:a:synacor:zimbra_collaboration_suite:*:*:*:*:*:*:*:*

Версия от 8.8.0 (включая) до 8.8.9 (исключая)

cpe:2.3:a:synacor:zimbra_collaboration_suite:8.7.11:-:*:*:*:*:*:*

cpe:2.3:a:synacor:zimbra_collaboration_suite:8.7.11:p1:*:*:*:*:*:*

cpe:2.3:a:synacor:zimbra_collaboration_suite:8.7.11:p2:*:*:*:*:*:*

cpe:2.3:a:synacor:zimbra_collaboration_suite:8.7.11:p3:*:*:*:*:*:*

cpe:2.3:a:synacor:zimbra_collaboration_suite:8.7.11:p4:*:*:*:*:*:*

cpe:2.3:a:synacor:zimbra_collaboration_suite:8.7.11:p5:*:*:*:*:*:*

cpe:2.3:a:synacor:zimbra_collaboration_suite:8.7.11:p6:*:*:*:*:*:*

cpe:2.3:a:synacor:zimbra_collaboration_suite:8.7.11:p7:*:*:*:*:*:*

cpe:2.3:a:synacor:zimbra_collaboration_suite:8.7.11:p8:*:*:*:*:*:*

cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.9:-:*:*:*:*:*:*

cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.9:p1:*:*:*:*:*:*

cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.9:p2:*:*:*:*:*:*

cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.9:p3:*:*:*:*:*:*

cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.9:p4:*:*:*:*:*:*

cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.9:p6:*:*:*:*:*:*

cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.9:p7:*:*:*:*:*:*

cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.9:p8:*:*:*:*:*:*

cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.10:-:*:*:*:*:*:*

cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.10:p2:*:*:*:*:*:*

cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.10:p3:*:*:*:*:*:*

cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.10:p4:*:*:*:*:*:*

cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.10:p6:*:*:*:*:*:*

cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.11:-:*:*:*:*:*:*

cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.11:p2:*:*:*:*:*:*

EPSS

Процентиль: 97%

0.40854

Средний

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-502

Связанные уязвимости

GHSA-r63j-4gxh-8m32