CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-35123

In Zimbra Collaboration Suite Network Edition versions < 9.0.0 P10 and 8.8.15 P17, there exists an XXE vulnerability in the saml consumer store extension, which is vulnerable to XXE attacks. This has been fixed in Zimbra Collaboration Suite Network edition 9.0.0 Patch 10 and 8.8.15 Patch 17.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.009

EPSS Ranking 75.0%

CVSS Severity

CVSS v3 Score 6.5

CVSS v2 Score 4.0

References

Products affected by CVE-2020-35123

Zimbra » Collaboration » Version: 8.8.10

cpe:2.3:a:zimbra:collaboration:8.8.10
Zimbra » Collaboration » Version: 8.8.11

cpe:2.3:a:zimbra:collaboration:8.8.11
Zimbra » Collaboration » Version: 8.8.12

cpe:2.3:a:zimbra:collaboration:8.8.12
Zimbra » Collaboration » Version: 8.8.15

cpe:2.3:a:zimbra:collaboration:8.8.15
Zimbra » Collaboration » Version: 8.8.2

cpe:2.3:a:zimbra:collaboration:8.8.2
Zimbra » Collaboration » Version: 8.8.3

cpe:2.3:a:zimbra:collaboration:8.8.3
Zimbra » Collaboration » Version: 8.8.4

cpe:2.3:a:zimbra:collaboration:8.8.4
Zimbra » Collaboration » Version: 8.8.6

cpe:2.3:a:zimbra:collaboration:8.8.6
Zimbra » Collaboration » Version: 8.8.7

cpe:2.3:a:zimbra:collaboration:8.8.7
Zimbra » Collaboration » Version: 8.8.8

cpe:2.3:a:zimbra:collaboration:8.8.8
Zimbra » Collaboration » Version: 8.8.9

cpe:2.3:a:zimbra:collaboration:8.8.9
Zimbra » Collaboration » Version: 9.0.0

cpe:2.3:a:zimbra:collaboration:9.0.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-35123

Products

Pricing

Contact Us