Tag: Zimbra
-
Alerts: CISA Adds Two Known Exploited Vulnerabilities to Catalog
Source URL: https://www.cisa.gov/news-events/alerts/2025/02/25/cisa-adds-two-known-exploited-vulnerabilities-catalog Source: Alerts Title: CISA Adds Two Known Exploited Vulnerabilities to Catalog Feedly Summary: CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-49035 Microsoft Partner Center Improper Access Control Vulnerability CVE-2023-34192 Synacor Zimbra Collaboration Suite (ZCS) Cross-Site Scripting (XSS) Vulnerability Users and administrators are also encouraged…
-
Schneier on Security: Weird Zimbra Vulnerability
Source URL: https://www.schneier.com/blog/archives/2024/10/weird-zimbra-vulnerability.html Source: Schneier on Security Title: Weird Zimbra Vulnerability Feedly Summary: Hackers can execute commands on a remote computer by sending malformed emails to a Zimbra mail server. It’s critical, but difficult to exploit. In an email sent Wednesday afternoon, Proofpoint researcher Greg Lesnewich seemed to largely concur that the attacks weren’t likely…
-
Slashdot: Attackers Exploit Critical Zimbra Vulnerability Using CC’d Email Addresses
Source URL: https://it.slashdot.org/story/24/10/02/230241/attackers-exploit-critical-zimbra-vulnerability-using-ccd-email-addresses Source: Slashdot Title: Attackers Exploit Critical Zimbra Vulnerability Using CC’d Email Addresses Feedly Summary: AI Summary and Description: Yes Summary: The text discusses a critical vulnerability (CVE-2024-45519) in Zimbra mail servers that attackers are exploiting to execute malicious commands and install backdoors. This situation poses significant risks for medium and large organizations…