First published: Mon Jan 27 2020(Updated: )
Synacor Zimbra Collaboration before 8.0.9 allows plaintext command injection during STARTTLS.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Synacor Zimbra Collaboration Server | <8.0.9 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2014-8563.
The severity of CVE-2014-8563 is critical, with a CVSS score of 9.8.
CVE-2014-8563 is a vulnerability in Synacor Zimbra Collaboration before 8.0.9 that allows plaintext command injection during STARTTLS.
Synacor Zimbra Collaboration Server versions up to exclusive 8.0.9 are affected by CVE-2014-8563.
To fix CVE-2014-8563, upgrade Synacor Zimbra Collaboration Server to version 8.0.9 or later.