VDB
CVE-2023-48432
CVE-2023-48432
PUBLISHED
CVSS 8.5 HIGH
De multiples vulnérabilités ont été découvertes dans Zimbra Collaboration. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une atteinte à l'intégrité des données et une atteinte à la confidentialité des données.
EPSS 0.55% · 68.5th percentile
Risk Scores
CVSS 4.0
8.5
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
EPSS Score
0.55%
68.5th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a, n/a |
| zimbra | collaboration | 10.0.0, 8.8.15, 8.8.15 |
| Synacor | Zimbra Collaboration |
Exploit Intelligence
- CIRCL seen: CVE-2023-48432 (circl-sighting)
- https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories (circl)
- https://wiki.zimbra.com/wiki/Security_Center (circl)
- https://wiki.zimbra.com/wiki/Zimbra_Responsible_Disclosure_Policy (circl)
- cve-2022-21449.yar (github-yara)
- cve-2022-21449.yar (github-yara)
- cve-2022-21449.yar (github-yara)
- cve-2022-21449.yar (github-yara)
- cve-2022-21449.yar (github-yara)
- cve-2022-21449.yar (github-yara)
Timeline
- Apr 22, 2022 PoC Published
- Dec 18, 2023 CVE Published
- Feb 13, 2024 PoC Published
- Feb 14, 2024 EPSS Score
- Mar 12, 2024 EPSS Score
- Apr 8, 2024 EPSS Score
- May 5, 2024 EPSS Score
- Jun 1, 2024 EPSS Score
- Jun 29, 2024 EPSS Score
- Jul 26, 2024 EPSS Score
- Aug 22, 2024 EPSS Score
- Sep 18, 2024 EPSS Score
References
- https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories url
- https://wiki.zimbra.com/wiki/Security_Center url
- https://wiki.zimbra.com/wiki/Zimbra_Responsible_Disclosure_Policy url
- https://nvd.nist.gov/vuln/detail/CVE-2023-48432 advisory
- https://wiki.zimbra.com/wiki/Zimbra_Releases/9.0.0/P38 advisory
- https://wiki.zimbra.com/wiki/Zimbra_Releases/10.0.6 advisory
- https://wiki.zimbra.com/wiki/Zimbra_Releases/8.8.15/P45 advisory