PT-2019-18394 · Synacor · Zimbra Collaboration Suite

An Trinh

Published

2019-05-29

Updated

2019-05-30

CVE-2019-6980

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Synacor Zimbra Collaboration Suite versions 8.7.x through 8.8.11

Description The issue concerns insecure object deserialization in the IMAP component.

Recommendations For versions 8.7.x through 8.8.11, update to a version that includes a fix for the insecure object deserialization issue in the IMAP component.

Fix

Deserialization of Untrusted Data

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-502

Related Identifiers

CVE-2019-6980

Affected Products

Zimbra Collaboration Suite

PT-2019-18394 · Synacor · Zimbra Collaboration Suite

CVE-2019-6980

Weakness Enumeration

Related Identifiers

Affected Products

References · 5