PT-2018-10203 · Zimbra · Zimbra Collaboration Suite

Publicado

2018-05-10

Atualizado

2019-08-02

CVE-2018-10950

CVSS v3.1

5.3

Média

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions Zimbra Collaboration Suite versions 8.6.0 through 8.6.0.Patch9 Zimbra Collaboration Suite versions 8.7.0 through 8.7.11.Patch2 Zimbra Collaboration Suite versions 8.8.0 through 8.8.7

Description The issue allows information exposure through verbose error messages containing a stack dump, tracing data, or full user-context dump.

Recommendations For Zimbra Collaboration Suite versions 8.6.0 through 8.6.0.Patch9, update to version 8.6.0.Patch10 or later. For Zimbra Collaboration Suite versions 8.7.0 through 8.7.11.Patch2, update to version 8.7.11.Patch3 or later. For Zimbra Collaboration Suite versions 8.8.0 through 8.8.7, update to version 8.8.8 or later.

Correção

Information Disclosure

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-200

Identificadores relacionados

CVE-2018-10950

Produtos afetados

Zimbra Collaboration Suite

PT-2018-10203 · Zimbra · Zimbra Collaboration Suite

CVE-2018-10950

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 4