Shodan
Vulnerabilities
Vulnerable Software
Synacor:  >> Zimbra Collaboration Suite  Security Vulnerabilities
CVE-2017-17703
Synacor Zimbra Collaboration Suite (ZCS) before 8.8.3 has Persistent XSS.
CVSS Score
6.1
EPSS Score
0.007
Published
2018-02-04
CVE-2017-8783
Synacor Zimbra Collaboration Suite (ZCS) before 8.7.10 has Persistent XSS.
CVSS Score
5.4
EPSS Score
0.008
Published
2018-02-04
CVE-2017-6813
A service provided by Zimbra Collaboration Suite (ZCS) before 8.7.6 fails to require needed privileges before performing a few requested operations.
CVSS Score
9.8
EPSS Score
0.017
Published
2017-05-23
CVE-2017-6821
Directory traversal vulnerability in Zimbra Collaboration Suite (aka ZCS) before 8.7.6 allows attackers to have unspecified impact via unknown vectors.
CVSS Score
9.8
EPSS Score
0.05
Published
2017-05-23
CVE-2017-7288
Cross-site scripting (XSS) vulnerability in Zimbra Collaboration Suite (ZCS) before 8.7.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS Score
6.1
EPSS Score
0.005
Published
2017-05-23
CVE-2016-3403
Multiple cross-site request forgery (CSRF) vulnerabilities in the Admin Console in Zimbra Collaboration before 8.6.0 Patch 8 allow remote attackers to hijack the authentication of administrators for requests that (1) add, (2) modify, or (3) remove accounts by leveraging failure to use of a CSRF token and perform referer header checks, aka bugs 100885 and 100899.
CVSS Score
8.8
EPSS Score
0.026
Published
2017-05-17
CVE-2016-9924
Zimbra Collaboration Suite (ZCS) before 8.7.4 allows remote attackers to conduct XML External Entity (XXE) attacks.
CVSS Score
9.8
EPSS Score
0.017
Published
2017-03-29
CVE-2016-3401
Unspecified vulnerability in Zimbra Collaboration before 8.7.0 allows remote authenticated users to affect integrity via unknown vectors, aka bug 99810.
CVSS Score
6.5
EPSS Score
0.007
Published
2017-01-18
CVE-2016-3402
Unspecified vulnerability in Zimbra Collaboration before 8.7.0 allows remote attackers to affect confidentiality via unknown vectors, aka bug 99167.
CVSS Score
7.5
EPSS Score
0.015
Published
2017-01-18
CVE-2016-3404
Unspecified vulnerability in Zimbra Collaboration before 8.7.0 allows remote attackers to affect integrity via unknown vectors, aka bug 103959.
CVSS Score
7.5
EPSS Score
0.012
Published
2017-01-18


Products
Pricing
Contact Us

Shodan ® - All rights reserved