CVE-2019-9670 - Synacor Zimbra Collaboration Suite (ZCS) Improper Restriction of XML External Entity Reference
Project:Synacor
Product:Zimbra Collaboration Suite (ZCS)
Date Added:2022-01-10Due Date:2022-07-10
Vulnerability Name
Synacor Zimbra Collaboration Suite (ZCS) Improper Restriction of XML External Entity Reference
Description
Synacor Zimbra Collaboration Suite (ZCS) contains an improper restriction of XML external entity (XXE) vulnerability in the mailboxd component.
Known To Be Used in Ransomware Campaigns?
Unknown
Action
Apply updates per vendor instructions.
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2019-9670