#VU79877 Improper authentication in Zimbra Collaboration - CVE-2023-41106

Cybersecurity Help s.r.o.

Published: 2023-08-23 | Updated: 2023-11-20

Vulnerability identifier: #VU79877

Vulnerability risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2023-41106

CWE-ID: CWE-287

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Zimbra Collaboration
Web applications / Webmail solutions

Vendor: Synacor Inc.

Description

The vulnerability allows a remote attacker to bypass authentication process.

The vulnerability exists due to an unspecified error. A remote non-authenticated attacker can bypass authentication process and gain unauthorized access to a Zimbra account.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Zimbra Collaboration: 8.8.15 Patch 1 - 10.0.2

External links
https://wiki.zimbra.com/wiki/Security_Center#ZCS_10.0.3_Released
https://wiki.zimbra.com/wiki/Security_Center#ZCS_9.0.0_Patch_35_Released
https://wiki.zimbra.com/wiki/Security_Center#ZCS_8.8.15_Patch_42_Released

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Authentication bypass in Zimbra Collaboration