Synacor Vulnérabilités

Chronologie

Taper

Produit

Synacor Zimbra Collaboration61
Synacor Zimbra Collaboration Suite36
Synacor Zimbra5
Synacor Zimbra Web Client1
Synacor Zimbra Mail Client1

Contre-mesures

Official Fix77
Temporary Fix0
Workaround1
Unavailable0
Not Defined25

Exploitabilité

High2
Functional1
Proof-of-Concept5
Unproven0
Not Defined95

Vecteur d'accès

Not Defined0
Physical0
Local1
Adjacent12
Network90

Authentification

Not Defined0
High4
Low45
None54

Interaction de l'utilisateur

Not Defined0
Required54
None49

C3BM Index

CVSSv3 Base

≤10
≤20
≤30
≤47
≤525
≤633
≤719
≤89
≤99
≤101

CVSSv3 Temp

≤10
≤20
≤30
≤47
≤533
≤626
≤720
≤88
≤98
≤101

VulDB

≤10
≤20
≤33
≤423
≤535
≤620
≤76
≤812
≤93
≤101

NVD

≤10
≤20
≤30
≤40
≤52
≤68
≤741
≤815
≤95
≤1012

CNA

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Fournisseur

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Exploiter 0 jour

<1k40
<2k40
<5k22
<10k1
<25k0
<50k0
<100k0
≥100k0

Exploiter aujourd'hui

<1k101
<2k1
<5k1
<10k0
<25k0
<50k0
<100k0
≥100k0

Exploiter le volume du marché

🔴 CTI Activités

Affected Products (5): Zimbra (5), Zimbra Collaboration (61), Zimbra Collaboration Suite (36), Zimbra Mail Client (1), Zimbra Web Client (1)

Link to Vendor Website: https://synacor.com/

PubliéBaseTempVulnérabilitéProdExpConCTIEPSSCVE
07/12/20234.84.7Synacor Zimbra cross site scriptingGroupware SoftwareNot DefinedOfficial Fix0.020.00046CVE-2023-43103
07/12/20236.56.4Synacor Zimbra Collaboration Suite Privilege EscalationGroupware SoftwareNot DefinedOfficial Fix0.020.00067CVE-2023-41106
07/12/20234.84.7Synacor Zimbra Collaboration Suite cross site scriptingGroupware SoftwareNot DefinedOfficial Fix0.020.00046CVE-2023-43102
31/07/20234.84.7Synacor Zimbra Collaboration Suite Classic Web Client cross site scriptingGroupware SoftwareNot DefinedOfficial Fix0.000.30373CVE-2023-37580
31/07/20235.55.4Synacor Zimbra Collaboration Suite JSP File divulgation de l'informationGroupware SoftwareNot DefinedOfficial Fix0.030.00087CVE-2023-38750
06/07/20236.26.2Synacor Zimbra Collaboration autoSaveDraft cross site scriptingGroupware SoftwareNot DefinedNot Defined0.040.30586CVE-2023-34192
06/07/20237.67.6Synacor Zimbra Collaboration sfdc_preauth.jsp Privilege EscalationGroupware SoftwareNot DefinedNot Defined0.040.00134CVE-2023-29382
06/07/20236.16.1Synacor Zimbra Collaboration File Upload ClientUploader divulgation de l'informationGroupware SoftwareNot DefinedNot Defined0.040.00124CVE-2023-34193
06/07/20237.07.0Synacor Zimbra Collaboration divulgation de l'informationGroupware SoftwareNot DefinedNot Defined0.010.00119CVE-2023-29381
16/06/20237.87.8Synacor Zimbra Collaboration elévation de privilègesGroupware SoftwareNot DefinedNot Defined0.030.00042CVE-2023-24032
16/06/20234.84.8Synacor Zimbra Collaboration Webmail cross site scriptingGroupware SoftwareNot DefinedNot Defined0.000.00046CVE-2023-24031
16/06/20234.34.3Synacor Zimbra Collaboration preauth RedirectGroupware SoftwareNot DefinedNot Defined0.020.00046CVE-2023-24030
07/01/20234.84.8Synacor Zimbra Collaboration Suite Webmail URL cross site scriptingGroupware SoftwareNot DefinedNot Defined0.040.00068CVE-2022-45913
07/01/20235.25.2Synacor Zimbra Collaboration Suite Classic UI Login Page cross site scriptingGroupware SoftwareNot DefinedNot Defined0.020.00068CVE-2022-45911
06/12/20224.74.6Synacor Zimbra Collaboration Suite ClientUploader elévation de privilègesGroupware SoftwareNot DefinedNot Defined0.000.00203CVE-2022-45912
18/10/20228.38.3Synacor Zimbra Collaboration Suite Postfix Privilege EscalationGroupware SoftwareHighOfficial Fix0.020.00171CVE-2022-3569
13/10/20224.84.8Synacor Zimbra Collaboration Suite calendar cross site scriptingGroupware SoftwareNot DefinedNot Defined0.020.00075CVE-2022-41351
13/10/20224.84.8Synacor Zimbra Collaboration Suite cross site scriptingGroupware SoftwareNot DefinedNot Defined0.000.00075CVE-2022-41350
13/10/20224.84.8Synacor Zimbra Collaboration Suite IMG Element divulgation de l'informationGroupware SoftwareNot DefinedNot Defined0.000.00075CVE-2022-41348
26/09/20228.38.3Synacor Zimbra Collaboration Suite Nginx elévation de privilègesGroupware SoftwareNot DefinedNot Defined0.020.00042CVE-2022-41347
26/09/20227.67.6Synacor Zimbra Collaboration Suite amavisd public elévation de privilègesGroupware SoftwareNot DefinedNot Defined0.040.95689CVE-2022-41352
17/08/20228.38.3Synacor Zimbra Collaboration Suite sudo Configuration zmslapd elévation de privilègesGroupware SoftwareHighOfficial Fix0.020.00114CVE-2022-37393
12/08/20223.53.5Synacor Zimbra Collaboration Suite cross site scriptingGroupware SoftwareNot DefinedNot Defined0.000.00078CVE-2022-37044
12/08/20226.36.3Synacor Zimbra Collaboration Suite Header ProxyServlet.java elévation de privilègesGroupware SoftwareNot DefinedNot Defined0.080.00079CVE-2022-37041
12/08/20224.34.3Synacor Zimbra Collaboration Suite cross site request forgeryGroupware SoftwareNot DefinedNot Defined0.030.00046CVE-2022-37043

78 plus d'entrées ne sont pas affichées

Do you know our Splunk app?

Download it now for free!