1. CVE-Search
  2. CVE-2019-6981
ID CVE-2019-6981
Summary Zimbra Collaboration Suite 8.7.x through 8.8.11 allows Blind SSRF in the Feed component.
References
Vulnerable Configurations
  • cpe:2.3:a:synacor:zimbra_collaboration_suite:8.7.0:*:*:*:*:*:*:*
    cpe:2.3:a:synacor:zimbra_collaboration_suite:8.7.0:*:*:*:*:*:*:*
  • cpe:2.3:a:synacor:zimbra_collaboration_suite:8.7.1:*:*:*:*:*:*:*
    cpe:2.3:a:synacor:zimbra_collaboration_suite:8.7.1:*:*:*:*:*:*:*
  • cpe:2.3:a:synacor:zimbra_collaboration_suite:8.7.2:*:*:*:*:*:*:*
    cpe:2.3:a:synacor:zimbra_collaboration_suite:8.7.2:*:*:*:*:*:*:*
  • cpe:2.3:a:synacor:zimbra_collaboration_suite:8.7.3:*:*:*:*:*:*:*
    cpe:2.3:a:synacor:zimbra_collaboration_suite:8.7.3:*:*:*:*:*:*:*
  • cpe:2.3:a:synacor:zimbra_collaboration_suite:8.7.4:*:*:*:*:*:*:*
    cpe:2.3:a:synacor:zimbra_collaboration_suite:8.7.4:*:*:*:*:*:*:*
  • cpe:2.3:a:synacor:zimbra_collaboration_suite:8.7.5:*:*:*:*:*:*:*
    cpe:2.3:a:synacor:zimbra_collaboration_suite:8.7.5:*:*:*:*:*:*:*
  • cpe:2.3:a:synacor:zimbra_collaboration_suite:8.7.6:*:*:*:*:*:*:*
    cpe:2.3:a:synacor:zimbra_collaboration_suite:8.7.6:*:*:*:*:*:*:*
  • cpe:2.3:a:synacor:zimbra_collaboration_suite:8.7.7:*:*:*:*:*:*:*
    cpe:2.3:a:synacor:zimbra_collaboration_suite:8.7.7:*:*:*:*:*:*:*
  • cpe:2.3:a:synacor:zimbra_collaboration_suite:8.7.8:*:*:*:*:*:*:*
    cpe:2.3:a:synacor:zimbra_collaboration_suite:8.7.8:*:*:*:*:*:*:*
  • cpe:2.3:a:synacor:zimbra_collaboration_suite:8.7.9:*:*:*:*:*:*:*
    cpe:2.3:a:synacor:zimbra_collaboration_suite:8.7.9:*:*:*:*:*:*:*
  • cpe:2.3:a:synacor:zimbra_collaboration_suite:8.7.10:*:*:*:*:*:*:*
    cpe:2.3:a:synacor:zimbra_collaboration_suite:8.7.10:*:*:*:*:*:*:*
  • cpe:2.3:a:synacor:zimbra_collaboration_suite:8.7.11:-:*:*:*:*:*:*
    cpe:2.3:a:synacor:zimbra_collaboration_suite:8.7.11:-:*:*:*:*:*:*
  • cpe:2.3:a:synacor:zimbra_collaboration_suite:8.7.11:p1:*:*:*:*:*:*
    cpe:2.3:a:synacor:zimbra_collaboration_suite:8.7.11:p1:*:*:*:*:*:*
  • cpe:2.3:a:synacor:zimbra_collaboration_suite:8.7.11:p10:*:*:*:*:*:*
    cpe:2.3:a:synacor:zimbra_collaboration_suite:8.7.11:p10:*:*:*:*:*:*
  • cpe:2.3:a:synacor:zimbra_collaboration_suite:8.7.11:p2:*:*:*:*:*:*
    cpe:2.3:a:synacor:zimbra_collaboration_suite:8.7.11:p2:*:*:*:*:*:*
  • cpe:2.3:a:synacor:zimbra_collaboration_suite:8.7.11:p3:*:*:*:*:*:*
    cpe:2.3:a:synacor:zimbra_collaboration_suite:8.7.11:p3:*:*:*:*:*:*
  • cpe:2.3:a:synacor:zimbra_collaboration_suite:8.7.11:p4:*:*:*:*:*:*
    cpe:2.3:a:synacor:zimbra_collaboration_suite:8.7.11:p4:*:*:*:*:*:*
  • cpe:2.3:a:synacor:zimbra_collaboration_suite:8.7.11:p5:*:*:*:*:*:*
    cpe:2.3:a:synacor:zimbra_collaboration_suite:8.7.11:p5:*:*:*:*:*:*
  • cpe:2.3:a:synacor:zimbra_collaboration_suite:8.7.11:p6:*:*:*:*:*:*
    cpe:2.3:a:synacor:zimbra_collaboration_suite:8.7.11:p6:*:*:*:*:*:*
  • cpe:2.3:a:synacor:zimbra_collaboration_suite:8.7.11:p7:*:*:*:*:*:*
    cpe:2.3:a:synacor:zimbra_collaboration_suite:8.7.11:p7:*:*:*:*:*:*
  • cpe:2.3:a:synacor:zimbra_collaboration_suite:8.7.11:p8:*:*:*:*:*:*
    cpe:2.3:a:synacor:zimbra_collaboration_suite:8.7.11:p8:*:*:*:*:*:*
  • cpe:2.3:a:synacor:zimbra_collaboration_suite:8.7.11:p9:*:*:*:*:*:*
    cpe:2.3:a:synacor:zimbra_collaboration_suite:8.7.11:p9:*:*:*:*:*:*
  • cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.0:-:*:*:*:*:*:*
    cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.0:-:*:*:*:*:*:*
  • cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.0:beta1:*:*:*:*:*:*
    cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.0:beta1:*:*:*:*:*:*
  • cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.2:*:*:*:*:*:*:*
    cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.2:*:*:*:*:*:*:*
  • cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.3:*:*:*:*:*:*:*
    cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.3:*:*:*:*:*:*:*
  • cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.4:*:*:*:*:*:*:*
    cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.4:*:*:*:*:*:*:*
  • cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.5:*:*:*:*:*:*:*
    cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.5:*:*:*:*:*:*:*
  • cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.6:*:*:*:*:*:*:*
    cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.6:*:*:*:*:*:*:*
  • cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.6:-:*:*:*:*:*:*
    cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.6:-:*:*:*:*:*:*
  • cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.6:p1:*:*:*:*:*:*
    cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.6:p1:*:*:*:*:*:*
  • cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.6:p2:*:*:*:*:*:*
    cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.6:p2:*:*:*:*:*:*
  • cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.6:patch1:*:*:*:*:*:*
    cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.6:patch1:*:*:*:*:*:*
  • cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.6:patch2:*:*:*:*:*:*
    cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.6:patch2:*:*:*:*:*:*
  • cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.7:*:*:*:*:*:*:*
    cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.7:*:*:*:*:*:*:*
  • cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.8:-:*:*:*:*:*:*
    cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.8:-:*:*:*:*:*:*
  • cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.8:p1:*:*:*:*:*:*
    cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.8:p1:*:*:*:*:*:*
  • cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.8:p10:*:*:*:*:*:*
    cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.8:p10:*:*:*:*:*:*
  • cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.8:p3:*:*:*:*:*:*
    cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.8:p3:*:*:*:*:*:*
  • cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.8:p4:*:*:*:*:*:*
    cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.8:p4:*:*:*:*:*:*
  • cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.8:p6:*:*:*:*:*:*
    cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.8:p6:*:*:*:*:*:*
  • cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.8:p7:*:*:*:*:*:*
    cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.8:p7:*:*:*:*:*:*
  • cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.8:p9:*:*:*:*:*:*
    cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.8:p9:*:*:*:*:*:*
  • cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.8:patch1:*:*:*:*:*:*
    cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.8:patch1:*:*:*:*:*:*
  • cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.8:patch10:*:*:*:*:*:*
    cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.8:patch10:*:*:*:*:*:*
  • cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.8:patch2:*:*:*:*:*:*
    cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.8:patch2:*:*:*:*:*:*
  • cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.8:patch3:*:*:*:*:*:*
    cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.8:patch3:*:*:*:*:*:*
  • cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.8:patch4:*:*:*:*:*:*
    cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.8:patch4:*:*:*:*:*:*
  • cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.8:patch5:*:*:*:*:*:*
    cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.8:patch5:*:*:*:*:*:*
  • cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.8:patch6:*:*:*:*:*:*
    cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.8:patch6:*:*:*:*:*:*
  • cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.8:patch7:*:*:*:*:*:*
    cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.8:patch7:*:*:*:*:*:*
  • cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.8:patch9:*:*:*:*:*:*
    cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.8:patch9:*:*:*:*:*:*
  • cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.9:-:*:*:*:*:*:*
    cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.9:-:*:*:*:*:*:*
  • cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.9:p1:*:*:*:*:*:*
    cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.9:p1:*:*:*:*:*:*
  • cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.9:p2:*:*:*:*:*:*
    cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.9:p2:*:*:*:*:*:*
  • cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.9:p3:*:*:*:*:*:*
    cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.9:p3:*:*:*:*:*:*
  • cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.9:p4:*:*:*:*:*:*
    cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.9:p4:*:*:*:*:*:*
  • cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.9:p6:*:*:*:*:*:*
    cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.9:p6:*:*:*:*:*:*
  • cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.9:p7:*:*:*:*:*:*
    cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.9:p7:*:*:*:*:*:*
  • cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.9:p8:*:*:*:*:*:*
    cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.9:p8:*:*:*:*:*:*
  • cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.10:-:*:*:*:*:*:*
    cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.10:-:*:*:*:*:*:*
  • cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.10:p2:*:*:*:*:*:*
    cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.10:p2:*:*:*:*:*:*
  • cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.10:p3:*:*:*:*:*:*
    cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.10:p3:*:*:*:*:*:*
  • cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.10:p4:*:*:*:*:*:*
    cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.10:p4:*:*:*:*:*:*
  • cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.10:p6:*:*:*:*:*:*
    cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.10:p6:*:*:*:*:*:*
  • cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.11:-:*:*:*:*:*:*
    cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.11:-:*:*:*:*:*:*
  • cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.11:p2:*:*:*:*:*:*
    cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.11:p2:*:*:*:*:*:*
CVSS
Base: 4.0 (as of 30-05-2019 - 17:44)
Impact:
Exploitability:
CWE CWE-918
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW SINGLE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
cvss-vector via4 AV:N/AC:L/Au:S/C:P/I:N/A:N
refmap via4
misc
Last major update 30-05-2019 - 17:44
Published 29-05-2019 - 22:29
Last modified 30-05-2019 - 17:44
Back to Top