Detections
Analytics
Zimbra Collaboration Server 9.0.0 < 9.0.0 Patch 33 Multiple Vulnerabilities
critical Nessus Plugin ID 178616
Language:
Synopsis
The remote web server contains a web application that is affected by multiple vulnerabilities.Description
According to its self-reported version number, Zimbra Collaboration Server is affected by multiple vulnerabilities including:- Vulnerability in the sfdc_preauth.jsp component. A remote, unauthenticated attacker can exploit this vulnerability to execute arbitrary code. (CVE-2023-29382)
- HTTP request smuggling vulnerability in the bundled Apache HTTP Server component. Exploitation of this vulnerability can result in the bypass of access controls in the proxy server, proxying unintended URLs to existing origin servers and cache poisoning. (CVE-2023-25690)
- An SSRF vulnerability in the bundled Apache CXF component. (CVE-2022-46364)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Upgrade to version 9.0.0 Patch 33, or later.See Also
https://wiki.zimbra.com/wiki/Zimbra_Releases/9.0.0/P33
Plugin Details
Severity: Critical
ID: 178616
File Name: zimbra_9_0_0_p33.nasl
Version: 1.3
Type: combined
Agent: unix
Family: CGI abuses
Published: 7/20/2023
Updated: 8/3/2023
Supported Sensors: Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 6.7
CVSS v2
Risk Factor: Low
Base Score: 3.5
Temporal Score: 2.7
Vector: CVSS2#AV:N/AC:M/Au:S/C:N/I:N/A:P
CVSS Score Source: CVE-2022-22970
CVSS v3
Risk Factor: Critical
Base Score: 9.8
Temporal Score: 8.8
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C
CVSS Score Source: CVE-2023-29382
Vulnerability Information
CPE: cpe:/a:zimbra:collaboration_suite
Required KB Items: installed_sw/zimbra_zcs
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 5/30/2023
Vulnerability Publication Date: 5/30/2023
Reference Information
CVE: CVE-2022-22970, CVE-2022-46364, CVE-2023-25690, CVE-2023-29381, CVE-2023-29382, CVE-2023-34193
IAVA: 2023-A-0359-S