First published: Thu May 10 2018(Updated: )
mailboxd in Zimbra Collaboration Suite 8.8 before 8.8.8; 8.7 before 8.7.11.Patch3; and 8.6 before 8.6.0.Patch10 allows Information Exposure through Verbose Error Messages containing a stack dump, tracing data, or full user-context dump.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Synacor Zimbra Collaboration Suite | >=8.7.0<8.7.11 | |
Synacor Zimbra Collaboration Suite | >=8.8.0<8.8.8 | |
Synacor Zimbra Collaboration Suite | =8.6.0 | |
Synacor Zimbra Collaboration Suite | =8.6.0-patch1 | |
Synacor Zimbra Collaboration Suite | =8.6.0-patch2 | |
Synacor Zimbra Collaboration Suite | =8.6.0-patch3 | |
Synacor Zimbra Collaboration Suite | =8.6.0-patch4 | |
Synacor Zimbra Collaboration Suite | =8.6.0-patch5 | |
Synacor Zimbra Collaboration Suite | =8.6.0-patch6 | |
Synacor Zimbra Collaboration Suite | =8.6.0-patch7 | |
Synacor Zimbra Collaboration Suite | =8.6.0-patch8 | |
Synacor Zimbra Collaboration Suite | =8.6.0-patch9 | |
Synacor Zimbra Collaboration Suite | =8.7.11 | |
Synacor Zimbra Collaboration Suite | =8.7.11-patch1 | |
Synacor Zimbra Collaboration Suite | =8.7.11-patch2 | |
Synacor Zimbra Collaboration Suite | =8.7.11-patch3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2018-10950 refers to a vulnerability in Zimbra Collaboration Suite that allows information exposure through verbose error messages.
CVE-2018-10950 has a severity value of 5.3, which is considered medium.
Zimbra Collaboration Suite versions 8.8 before 8.8.8, 8.7 before 8.7.11.Patch3, and 8.6 before 8.6.0.Patch10 are affected by CVE-2018-10950.
To fix CVE-2018-10950, it is recommended to update Zimbra Collaboration Suite to version 8.8.8, 8.7.11.Patch3, or 8.6.0.Patch10.
You can find more information about CVE-2018-10950 at the following link: https://bugzilla.zimbra.com/show_bug.cgi?id=108963