Detections
Analytics

Zimbra Collaboration Server 10.0.x < 10.0.18, 10.1.x < 10.1.13 Multiple Vulnerabilities

high Nessus Plugin ID 297134

Language:

Synopsis

The remote web server contains a web application that is affected by multiple vulnerabilities.

Description

According to its self-reported version number, Zimbra Collaboration Server is affected by multiple vulnerabilities including:

 - A Local File Inclusion (LFI) vulnerability exists in the Webmail Classic UI of Zimbra Collaboration (ZCS) 10.0 and 10.1 because of improper handling of user-supplied request parameters in the RestFilter servlet. An unauthenticated remote attacker can craft requests to the /h/rest endpoint to influence internal request dispatching, allowing inclusion of arbitrary files from the WebRoot directory. (CVE-2025-68645)

 - Zimbra Collaboration Server 10 before 10.0.18 and 10.1 before 10.1.13 allows Classic UI stored XSS via Cascading Style Sheets (CSS) @import directives in an HTML e-mail message. (CVE-2025-66376)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade to version 10.0.18, 10.1.13 or later.

See Also

https://wiki.zimbra.com/wiki/Security_Center

https://wiki.zimbra.com/wiki/Zimbra_Releases/10.0.18

https://wiki.zimbra.com/wiki/Zimbra_Releases/10.1.13

https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories

Plugin Details

Severity: High

ID: 297134

File Name: zimbra_CVE-2025-68645.nasl

Version: 1.5

Type: Combined

Agent: unix

Family: CGI abuses

Published: 1/29/2026

Updated: 6/24/2026

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 8.3

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2025-68645

CVSS v3

Risk Factor: High

Base Score: 8.8

Temporal Score: 8.2

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:zimbra:collaboration_suite

Required KB Items: installed_sw/zimbra_zcs

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 11/6/2025

Vulnerability Publication Date: 11/6/2025

CISA Known Exploited Vulnerability Due Dates: 2/12/2026

Reference Information

CVE: CVE-2025-66376, CVE-2025-68645

IAVA: 2026-A-0084-S