CVE-2024-45519 - Synacor Zimbra Collaboration Suite (ZCS) Command Execution Vulnerability

Vulnerability Name

Synacor Zimbra Collaboration Suite (ZCS) Command Execution Vulnerability

Description

Synacor Zimbra Collaboration Suite (ZCS) contains an unspecified vulnerability in the postjournal service that may allow an unauthenticated user to execute commands.

Known To Be Used in Ransomware Campaigns?

Unknown

Action

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Additional Notes

https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories

https://nvd.nist.gov/vuln/detail/CVE-2024-45519

Related News Articles

Critical Zimbra RCE flaw exploited to backdoor servers using emailsOctober 2, 2024

Critical Zimbra RCE vulnerability under mass exploitation (CVE-2024-45519)October 2, 2024

Researchers Warn of Ongoing Attacks Exploiting Critical Zimbra Postjournal FlawOctober 2, 2024