PT-2018-10203 · Zimbra · Zimbra Collaboration Suite

Published

2018-05-10

Updated

2019-08-02

CVE-2018-10950

CVSS v3.1

5.3

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions Zimbra Collaboration Suite versions 8.6.0 through 8.6.0.Patch9 Zimbra Collaboration Suite versions 8.7.0 through 8.7.11.Patch2 Zimbra Collaboration Suite versions 8.8.0 through 8.8.7

Description The issue allows information exposure through verbose error messages containing a stack dump, tracing data, or full user-context dump.

Recommendations For Zimbra Collaboration Suite versions 8.6.0 through 8.6.0.Patch9, update to version 8.6.0.Patch10 or later. For Zimbra Collaboration Suite versions 8.7.0 through 8.7.11.Patch2, update to version 8.7.11.Patch3 or later. For Zimbra Collaboration Suite versions 8.8.0 through 8.8.7, update to version 8.8.8 or later.

Fix

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

CVE-2018-10950

Affected Products

Zimbra Collaboration Suite

PT-2018-10203 · Zimbra · Zimbra Collaboration Suite

CVE-2018-10950

Weakness Enumeration

Related Identifiers

Affected Products

References · 4