First published: Thu Jul 06 2023(Updated: )
File Upload vulnerability in Zimbra ZCS 8.8.15 allows an authenticated privileged user to execute arbitrary code and obtain sensitive information via the ClientUploader function.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Zimbra Collaboration | =8.8.15 | |
Zimbra Collaboration | =8.8.15-p1 | |
Zimbra Collaboration | =8.8.15-p10 | |
Zimbra Collaboration | =8.8.15-p11 | |
Zimbra Collaboration | =8.8.15-p12 | |
Zimbra Collaboration | =8.8.15-p13 | |
Zimbra Collaboration | =8.8.15-p14 | |
Zimbra Collaboration | =8.8.15-p15 | |
Zimbra Collaboration | =8.8.15-p16 | |
Zimbra Collaboration | =8.8.15-p17 | |
Zimbra Collaboration | =8.8.15-p18 | |
Zimbra Collaboration | =8.8.15-p19 | |
Zimbra Collaboration | =8.8.15-p2 | |
Zimbra Collaboration | =8.8.15-p20 | |
Zimbra Collaboration | =8.8.15-p21 | |
Zimbra Collaboration | =8.8.15-p22 | |
Zimbra Collaboration | =8.8.15-p23 | |
Zimbra Collaboration | =8.8.15-p24 | |
Zimbra Collaboration | =8.8.15-p25 | |
Zimbra Collaboration | =8.8.15-p26 | |
Zimbra Collaboration | =8.8.15-p27 | |
Zimbra Collaboration | =8.8.15-p28 | |
Zimbra Collaboration | =8.8.15-p29 | |
Zimbra Collaboration | =8.8.15-p3 | |
Zimbra Collaboration | =8.8.15-p30 | |
Zimbra Collaboration | =8.8.15-p31 | |
Zimbra Collaboration | =8.8.15-p32 | |
Zimbra Collaboration | =8.8.15-p33 | |
Zimbra Collaboration | =8.8.15-p34 | |
Zimbra Collaboration | =8.8.15-p35 | |
Zimbra Collaboration | =8.8.15-p37 | |
Zimbra Collaboration | =8.8.15-p4 | |
Zimbra Collaboration | =8.8.15-p5 | |
Zimbra Collaboration | =8.8.15-p6 | |
Zimbra Collaboration | =8.8.15-p7 | |
Zimbra Collaboration | =8.8.15-p8 | |
Zimbra Collaboration | =8.8.15-p9 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this Zimbra ZCS file upload vulnerability is CVE-2023-34193.
The severity level of CVE-2023-34193 is high with a score of 8.8.
CVE-2023-34193 affects Zimbra Collaboration 8.8.15 and its subsequent versions.
An authenticated privileged user can exploit CVE-2023-34193 by executing arbitrary code and obtaining sensitive information via the ClientUploader function.
You can find more information about Zimbra security advisories on the Zimbra Security Advisories page of the Zimbra Wiki.