CVE-2023-34193

File Upload vulnerability in Zimbra ZCS 8.8.15 allows an authenticated privileged user to execute arbitrary code and obtain sensitive information via the ClientUploader function.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8.8 HIGH
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
mitreCNA
---
---
CVEADP
---
---
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 56%
VendorProductVersion
zimbracollaboration
8.8.15
zimbracollaboration
8.8.15:p1
zimbracollaboration
8.8.15:p10
zimbracollaboration
8.8.15:p11
zimbracollaboration
8.8.15:p12
zimbracollaboration
8.8.15:p13
zimbracollaboration
8.8.15:p14
zimbracollaboration
8.8.15:p15
zimbracollaboration
8.8.15:p16
zimbracollaboration
8.8.15:p17
zimbracollaboration
8.8.15:p18
zimbracollaboration
8.8.15:p19
zimbracollaboration
8.8.15:p2
zimbracollaboration
8.8.15:p20
zimbracollaboration
8.8.15:p21
zimbracollaboration
8.8.15:p22
zimbracollaboration
8.8.15:p23
zimbracollaboration
8.8.15:p24
zimbracollaboration
8.8.15:p25
zimbracollaboration
8.8.15:p26
zimbracollaboration
8.8.15:p27
zimbracollaboration
8.8.15:p28
zimbracollaboration
8.8.15:p29
zimbracollaboration
8.8.15:p3
zimbracollaboration
8.8.15:p30
zimbracollaboration
8.8.15:p31
zimbracollaboration
8.8.15:p32
zimbracollaboration
8.8.15:p33
zimbracollaboration
8.8.15:p34
zimbracollaboration
8.8.15:p35
zimbracollaboration
8.8.15:p37
zimbracollaboration
8.8.15:p4
zimbracollaboration
8.8.15:p5
zimbracollaboration
8.8.15:p6
zimbracollaboration
8.8.15:p7
zimbracollaboration
8.8.15:p8
zimbracollaboration
8.8.15:p9
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://wiki.zimbra.com/wiki/Security_Center
https://wiki.zimbra.com/wiki/Zimbra_Responsible_Disclosure_Policy
https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories
https://wiki.zimbra.com/wiki/Security_Center
https://wiki.zimbra.com/wiki/Zimbra_Responsible_Disclosure_Policy
https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories