CVE-2020-7796: Deep Dive into the Zimbra Collaboration Suite SSRF Vulnerability

October 14, 2020 (Publication Date)
Severity: Critical (CVSS 9.8)
Vendor: Zimbra (Synacor)
Product: Zimbra Collaboration Suite (ZCS)

CVE-2020-7796 is a critical Server-Side Request Forgery (SSRF) vulnerability affecting the Zimbra Collaboration Suite (ZCS). This flaw allows an unauthenticated, remote attacker to bypass external network perimeters and manipulate the enterprise email server into executing unauthorized HTTP requests. Because Zimbra is a cornerstone of infrastructure for governments, financial institutions, and global enterprises, the Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2020-7796 to its Known Exploited Vulnerabilities (KEV) catalog due to active exploitation in the wild.

Technical Breakdown: Understanding the Flaw

An attacker sends a specially crafted HTTP request to the vulnerable Zimbra server. Because the server fails to properly sanitize the destination URL, it fulfills the request on behalf of the attacker.

Internal Reconnaissance: The attacker first checks whether the target Zimbra server is vulnerable by sending a benign request to the proxy endpoint and examining the response headers or error messages.

Potential Impact

Malicious requests can be used to scan internal networks or leak sensitive information such as credentials.

While some sources list a 6.8 medium severity, deeper analysis indicates a potential for critical impact (CVSS 9.8) if the flaw allows full read/write access to internal services.

Shodan searches at the time revealed over 150,000 exposed Zimbra instances, with approximately 30% still unpatched three months after the patch was released.

Zimbra released patches addressing this vulnerability. Organizations must upgrade to the latest patched versions immediately (or a more recent version, e.g., ZCS 10.x or the latest 9.x patches) to address the core vulnerability.

Disable WebEx Zimlet: Since the flaw resides in this specific component, disabling it or its JSP functionality can block the attack vector.

CVE-2020-27988 and CVE-2020-28016 are dangerous but limited to information disclosure. CVE-2020-27996 is a true RCE.
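The root cause described above is a proxy component that forwards requests to a destination URL it never validates. The following is an added illustration of the defensive check such a component needs; it is not Zimbra's code and not the vendor's fix, and the allowlisted hostname, the fake resolver and the sample addresses are constructed for the example. It demonstrates the general pattern (scheme allowlist, host allowlist, rejection of embedded credentials, and a resolve-then-check step that rejects any address outside the public unicast range) rather than any Zimbra-specific endpoint.

```python
# Added illustrative example (not Zimbra's code): a destination-URL policy check
# for an HTTP proxy component, so it cannot be steered at internal services.
# Allowlist entries, resolver data and sample addresses are constructed.
import ipaddress
import socket
from urllib.parse import urlparse

# Assumed policy: the only upstream the proxy should ever talk to (constructed).
ALLOWED_HOSTS = {"api.upstream-service.example"}
ALLOWED_SCHEMES = {"https"}


def is_public_ip(ip: str) -> bool:
    """True only for globally routable unicast addresses.

    Rejects RFC 1918 ranges, loopback, link-local (including the
    169.254.0.0/16 cloud-metadata range), multicast and reserved space.
    """
    addr = ipaddress.ip_address(ip)
    return addr.is_global and not addr.is_multicast


def default_resolver(host: str) -> list[str]:
    """Resolve every A/AAAA record so a single internal record cannot hide
    behind a public one."""
    return sorted({info[4][0] for info in socket.getaddrinfo(host, None)})


def validate_destination(url: str, resolver=default_resolver) -> tuple[bool, str]:
    """Return (allowed, reason). All checks must pass before the proxy may
    open a connection to `url`."""
    try:
        parsed = urlparse(url)
    except ValueError:
        return False, "unparseable URL"
    if parsed.scheme not in ALLOWED_SCHEMES:
        return False, f"scheme not allowed: {parsed.scheme!r}"
    if parsed.username is not None or parsed.password is not None:
        return False, "credentials embedded in URL"
    host = parsed.hostname  # lower-cased; brackets stripped for IPv6 literals
    if not host:
        return False, "missing host"
    if host not in ALLOWED_HOSTS:
        return False, f"host not in allowlist: {host!r}"
    try:
        addrs = resolver(host)
    except socket.gaierror:
        return False, "DNS resolution failed"
    if not addrs:
        return False, "host resolved to no addresses"
    for ip in addrs:
        if not is_public_ip(ip):
            return False, f"host resolves to non-public address {ip}"
    return True, "ok"


if __name__ == "__main__":
    # Constructed resolver so the demo runs offline.
    fake_dns = {"api.upstream-service.example": ["1.2.3.4"]}
    for candidate in [
        "https://api.upstream-service.example/v1/meetings",
        "http://api.upstream-service.example/v1/meetings",
        "https://127.0.0.1/internal/",
        "https://user:secret@api.upstream-service.example/",
    ]:
        print(candidate, "->", validate_destination(candidate, fake_dns.get))
```

Two design points matter in practice. First, the check resolves the hostname and inspects every returned address, because a name on the allowlist can still be pointed at an internal address by whoever controls its DNS; a real deployment should also pin the validated address for the actual connection, otherwise a second lookup at connect time can return something different (DNS rebinding). Second, any redirect the upstream returns must be passed through `validate_destination` again before it is followed, or the allowlist is bypassed by a single 302.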