CVE-2023-45206 — Vulnetix

CVE-2023-45206 PUBLISHED CVSS 6.099999904632568 MEDIUM

De multiples vulnérabilités ont été découvertes dans Zimbra <span id="Zimbra_Collaboration_Daffodil_10.0.5_Patch_Release" class="mw-headline">Collaboration</span>. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur et une injection de code indirecte à distance (XSS).

EPSS 0.35% · 57.7th percentile

Risk Scores

CVSS 3.1

6.099999904632568

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

EPSS Score

0.35%

57.7th percentile

Affected Products

Vendor	Product	Versions
Synacor	Zimbra Collaboration
n/a	n/a	n/a
zimbra	collaboration	8.8.15, 8.8.15, 8.8.15

Exploit Intelligence

https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories (circl)
https://wiki.zimbra.com/wiki/Security_Center (circl)
https://wiki.zimbra.com/wiki/Zimbra_Responsible_Disclosure_Policy (circl)

Timeline

Oct 19, 2023 CVE Published
Feb 14, 2024 EPSS Score
Mar 12, 2024 EPSS Score
Apr 8, 2024 EPSS Score
May 5, 2024 EPSS Score
Jun 1, 2024 EPSS Score
Jun 29, 2024 EPSS Score
Jul 26, 2024 EPSS Score
Aug 22, 2024 EPSS Score
Sep 18, 2024 EPSS Score
Oct 15, 2024 EPSS Score
Nov 11, 2024 EPSS Score

References

https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories url
https://wiki.zimbra.com/wiki/Security_Center url
https://wiki.zimbra.com/wiki/Zimbra_Responsible_Disclosure_Policy url
https://nvd.nist.gov/vuln/detail/CVE-2023-45206 advisory
https://blog.zimbra.com/2023/10/patch-for-zimbra-daffodil-10-0-5-9-0-0-patch-37-8-8-15-patch-44/ advisory

Open in Interactive Console →