CVE-2023-26562

In Zimbra Collaboration (ZCS) 8.8.15 and 9.0, a closed account (with 2FA and generated passwords) can send e-mail messages when configured for Imap/smtp.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.5 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
mitreCNA
---
---
CISA-ADPADP
6.5 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 35%
VendorProductVersion
zimbracollaboration
8.8.15
zimbracollaboration
8.8.15:p1
zimbracollaboration
8.8.15:p10
zimbracollaboration
8.8.15:p11
zimbracollaboration
8.8.15:p12
zimbracollaboration
8.8.15:p13
zimbracollaboration
8.8.15:p14
zimbracollaboration
8.8.15:p15
zimbracollaboration
8.8.15:p16
zimbracollaboration
8.8.15:p17
zimbracollaboration
8.8.15:p18
zimbracollaboration
8.8.15:p19
zimbracollaboration
8.8.15:p2
zimbracollaboration
8.8.15:p20
zimbracollaboration
8.8.15:p21
zimbracollaboration
8.8.15:p22
zimbracollaboration
8.8.15:p23
zimbracollaboration
8.8.15:p24
zimbracollaboration
8.8.15:p25
zimbracollaboration
8.8.15:p26
zimbracollaboration
8.8.15:p27
zimbracollaboration
8.8.15:p28
zimbracollaboration
8.8.15:p29
zimbracollaboration
8.8.15:p3
zimbracollaboration
8.8.15:p30
zimbracollaboration
8.8.15:p31
zimbracollaboration
8.8.15:p32
zimbracollaboration
8.8.15:p33
zimbracollaboration
8.8.15:p34
zimbracollaboration
8.8.15:p35
zimbracollaboration
8.8.15:p36
zimbracollaboration
8.8.15:p4
zimbracollaboration
8.8.15:p5
zimbracollaboration
8.8.15:p6
zimbracollaboration
8.8.15:p7
zimbracollaboration
8.8.15:p8
zimbracollaboration
8.8.15:p9
zimbracollaboration
9.0.0
zimbracollaboration
9.0.0:p0
zimbracollaboration
9.0.0:p1
zimbracollaboration
9.0.0:p10
zimbracollaboration
9.0.0:p11
zimbracollaboration
9.0.0:p12
zimbracollaboration
9.0.0:p13
zimbracollaboration
9.0.0:p14
zimbracollaboration
9.0.0:p15
zimbracollaboration
9.0.0:p16
zimbracollaboration
9.0.0:p19
zimbracollaboration
9.0.0:p2
zimbracollaboration
9.0.0:p20
zimbracollaboration
9.0.0:p21
zimbracollaboration
9.0.0:p23
zimbracollaboration
9.0.0:p24
zimbracollaboration
9.0.0:p24.1
zimbracollaboration
9.0.0:p25
zimbracollaboration
9.0.0:p26
zimbracollaboration
9.0.0:p27
zimbracollaboration
9.0.0:p28
zimbracollaboration
9.0.0:p29
zimbracollaboration
9.0.0:p3
zimbracollaboration
9.0.0:p4
zimbracollaboration
9.0.0:p5
zimbracollaboration
9.0.0:p6
zimbracollaboration
9.0.0:p7
zimbracollaboration
9.0.0:p7.1
zimbracollaboration
9.0.0:p8
zimbracollaboration
9.0.0:p9
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://wiki.zimbra.com/wiki/Security_Center
https://wiki.zimbra.com/wiki/Zimbra_Responsible_Disclosure_Policy
https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories
https://wiki.zimbra.com/wiki/Security_Center
https://wiki.zimbra.com/wiki/Zimbra_Responsible_Disclosure_Policy
https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories