Zimbra · Zimbra Zcs · CVE-2023-34193
**Name of the Vulnerable Software and Affected Versions**
Zimbra ZCS version 8.8.15
**Description**
The issue allows an authenticated privileged user to execute arbitrary code and obtain sensitive information via the `ClientUploader` function.
**Recommendations**
For Zimbra ZCS version 8.8.15, consider disabling the `ClientUploader` function as a temporary workaround until a patch is available. Restrict access to sensitive information and monitor for any suspicious activity related to file uploads.