Synacor 漏洞

时间轴

类型

Groupware Software103

产品

Synacor Zimbra Collaboration61
Synacor Zimbra Collaboration Suite36
Synacor Zimbra5
Synacor Zimbra Web Client1
Synacor Zimbra Mail Client1

修正

Official Fix77
Temporary Fix0
Workaround1
Unavailable0
Not Defined25

易受攻击性

High4
Functional0
Proof-of-Concept4
Unproven0
Not Defined95

访问向量

Not Defined0
Physical0
Local1
Adjacent12
Network90

身份验证

Not Defined0
High4
Low45
None54

用户交互

Not Defined0
Required54
None49

C3BM Index

CVSSv3 Base

≤10
≤20
≤30
≤47
≤525
≤633
≤719
≤89
≤99
≤101

CVSSv3 Temp

≤10
≤20
≤30
≤47
≤532
≤627
≤720
≤87
≤99
≤101

VulDB

≤10
≤20
≤33
≤423
≤535
≤620
≤76
≤812
≤93
≤101

NVD

≤10
≤20
≤30
≤40
≤52
≤68
≤741
≤815
≤95
≤1012

CNA

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

供应商

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

零日攻击

<1k40
<2k41
<5k21
<10k1
<25k0
<50k0
<100k0
≥100k0

本日攻击

<1k101
<2k2
<5k0
<10k0
<25k0
<50k0
<100k0
≥100k0

攻击市场容量

🔴 CTI 活动

Affected Products (5): Zimbra (5), Zimbra Collaboration (61), Zimbra Collaboration Suite (36), Zimbra Mail Client (1), Zimbra Web Client (1)

Link to Vendor Website: https://synacor.com/

已发布BaseTemp漏洞Prod修正EPSSCTICVE
2023-12-074.84.7Synacor Zimbra 跨网站脚本Groupware SoftwareNot DefinedOfficial Fix0.000460.02CVE-2023-43103
2023-12-076.56.4Synacor Zimbra Collaboration Suite Privilege EscalationGroupware SoftwareNot DefinedOfficial Fix0.000670.02CVE-2023-41106
2023-12-074.84.7Synacor Zimbra Collaboration Suite 跨网站脚本Groupware SoftwareNot DefinedOfficial Fix0.000460.00CVE-2023-43102
2023-07-314.84.7Synacor Zimbra Collaboration Suite Classic Web Client 跨网站脚本Groupware SoftwareNot DefinedOfficial Fix0.303730.00CVE-2023-37580
2023-07-315.55.4Synacor Zimbra Collaboration Suite JSP File 信息公开Groupware SoftwareNot DefinedOfficial Fix0.000870.03CVE-2023-38750
2023-07-066.26.2Synacor Zimbra Collaboration autoSaveDraft 跨网站脚本Groupware SoftwareNot DefinedNot Defined0.464240.00CVE-2023-34192
2023-07-067.67.6Synacor Zimbra Collaboration sfdc_preauth.jsp Privilege EscalationGroupware SoftwareNot DefinedNot Defined0.001340.03CVE-2023-29382
2023-07-066.16.1Synacor Zimbra Collaboration File Upload ClientUploader 信息公开Groupware SoftwareNot DefinedNot Defined0.001240.04CVE-2023-34193
2023-07-067.07.0Synacor Zimbra Collaboration 信息公开Groupware SoftwareNot DefinedNot Defined0.001190.00CVE-2023-29381
2023-06-167.87.8Synacor Zimbra Collaboration 权限升级Groupware SoftwareNot DefinedNot Defined0.000420.03CVE-2023-24032
2023-06-164.84.8Synacor Zimbra Collaboration Webmail 跨网站脚本Groupware SoftwareNot DefinedNot Defined0.000460.00CVE-2023-24031
2023-06-164.34.3Synacor Zimbra Collaboration preauth RedirectGroupware SoftwareNot DefinedNot Defined0.000460.00CVE-2023-24030
2023-01-074.84.8Synacor Zimbra Collaboration Suite Webmail URL 跨网站脚本Groupware SoftwareNot DefinedNot Defined0.000680.04CVE-2022-45913
2023-01-075.25.2Synacor Zimbra Collaboration Suite Classic UI Login Page 跨网站脚本Groupware SoftwareNot DefinedNot Defined0.000680.07CVE-2022-45911
2022-12-064.74.6Synacor Zimbra Collaboration Suite ClientUploader 权限升级Groupware SoftwareNot DefinedNot Defined0.002030.00CVE-2022-45912
2022-10-188.38.3Synacor Zimbra Collaboration Suite Postfix Privilege EscalationGroupware SoftwareHighOfficial Fix0.001710.02CVE-2022-3569
2022-10-134.84.8Synacor Zimbra Collaboration Suite calendar 跨网站脚本Groupware SoftwareNot DefinedNot Defined0.000750.00CVE-2022-41351
2022-10-134.84.8Synacor Zimbra Collaboration Suite 跨网站脚本Groupware SoftwareNot DefinedNot Defined0.000750.00CVE-2022-41350
2022-10-134.84.8Synacor Zimbra Collaboration Suite IMG Element 信息公开Groupware SoftwareNot DefinedNot Defined0.000750.00CVE-2022-41348
2022-09-268.38.3Synacor Zimbra Collaboration Suite Nginx 权限升级Groupware SoftwareNot DefinedNot Defined0.000480.00CVE-2022-41347
2022-09-267.67.6Synacor Zimbra Collaboration Suite amavisd public 权限升级Groupware SoftwareNot DefinedNot Defined0.956690.03CVE-2022-41352
2022-08-178.38.3Synacor Zimbra Collaboration Suite sudo Configuration zmslapd 权限升级Groupware SoftwareHighOfficial Fix0.001140.04CVE-2022-37393
2022-08-123.53.5Synacor Zimbra Collaboration Suite 跨网站脚本Groupware SoftwareNot DefinedNot Defined0.000780.00CVE-2022-37044
2022-08-126.36.3Synacor Zimbra Collaboration Suite Header ProxyServlet.java 权限升级Groupware SoftwareNot DefinedNot Defined0.000790.08CVE-2022-37041
2022-08-124.34.3Synacor Zimbra Collaboration Suite 跨网站请求伪造Groupware SoftwareNot DefinedNot Defined0.000460.03CVE-2022-37043

78 更多条目未显示

🔒 Login Required

You need to signup and login to see more of the remaining 78 results.

上一步一览下一步

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!