CVE-2023-38750

Published: Jul 31, 2023Modified: Nov 21, 2024

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

In Zimbra Collaboration (ZCS) 8 before 8.8.15 Patch 41, 9 before 9.0.0 Patch 34, and 10 before 10.0.2, internal JSP and XML files can be exposed.

Affected (29)

Products: Zimbra: Zimbra

1 product

Configuration A

29 vulnerable

Vulnerable Software	Affected Versions
Zimbra Zimbra	From 8.8.0 to 8.8.15
Zimbra Zimbra	Version 10.0.1
Zimbra Zimbra	Version 8.8.15 p11
Zimbra Zimbra	Version 8.8.15 p26
Zimbra Zimbra	Version 8.8.15 p30
Zimbra Zimbra	Version 8.8.15 p31
Zimbra Zimbra	Version 8.8.15 p32
Zimbra Zimbra	Version 8.8.15 p33
Zimbra Zimbra	Version 8.8.15 p34
Zimbra Zimbra	Version 8.8.15 p35
Zimbra Zimbra	Version 8.8.15 p37
Zimbra Zimbra	Version 8.8.15 p38
Zimbra Zimbra	Version 8.8.15 p3
Zimbra Zimbra	Version 8.8.15 p40
Zimbra Zimbra	Version 8.8.15 p5
Zimbra Zimbra	Version 9.0.0
Zimbra Zimbra	Version 9.0.0 p0
Zimbra Zimbra	Version 9.0.0 p19
Zimbra Zimbra	Version 9.0.0 p23
Zimbra Zimbra	Version 9.0.0 p25
Zimbra Zimbra	Version 9.0.0 p26
Zimbra Zimbra	Version 9.0.0 p27
Zimbra Zimbra	Version 9.0.0 p28
Zimbra Zimbra	Version 9.0.0 p30
Zimbra Zimbra	Version 9.0.0 p31
Zimbra Zimbra	Version 9.0.0 p33
Zimbra Zimbra	Version 9.0.0 p4
Zimbra Zimbra	Version 9.0.0 p7.1
Zimbra Zimbra	Version 9.0.0 p7

References (4)

https://wiki.zimbra.com/wiki/Security_Center

Source: cve@mitre.org

Release NotesVendor Advisory

https://wiki.zimbra.com/wiki/Zimbra_Responsible_Disclosure_Policy

Source: cve@mitre.org

Not Applicable

https://wiki.zimbra.com/wiki/Security_Center

Source: af854a3a-2127-422b-91ae-364da2661108

Release NotesVendor Advisory

https://wiki.zimbra.com/wiki/Zimbra_Responsible_Disclosure_Policy

Source: af854a3a-2127-422b-91ae-364da2661108

Not Applicable

Timeline

No history available yet.