📦

zm-mailbox

Vendor: zimbra

Actively Exploited 0 CISA KEV List

PoC / Exploits 0 Code Available

Total RCEs 0 Remote Access

Total CVEs 1 Total Indexed

Avg. EPSS 0.24% Exploit Prob.

Latest CVE CVE-2020-10194 Mar 20

Security Vulnerability Index

Page 1 / 1

6.5 CVSS

CVE-2020-10194

cs/service/account/AutoCompleteGal.java in Zimbra zm-mailbox before 8.8.15.p8 allows authenticated users to request any GAL account. This differs from the intended behavior in which the domain of the authenticated user must match the domain of the galsync account in the request.

EPSS: 0.24%

Severity: MEDIUM

Mar 20, 2020

Displaying 1 of 1 Total Entries

Total 1 Sections