Cve20207796 Zimbra Collaboration Suite Full Better Today

All versions of Zimbra Collaboration Suite (ZCS) prior to 8.8.15 Patch 7 .

Now, authenticated as admin via SSRF, she sends one final request through the proxy to the Zimbra mailbox port (8080): cve20207796 zimbra collaboration suite full

If immediate patching is not possible, the following mitigations are recommended: All versions of Zimbra Collaboration Suite (ZCS) prior to 8

If immediate patching is not possible, organizations should consider disabling the WebEx zimlet if it is not business-critical, as this removes the attack vector. Vendor Guidance: Refer to the official Zimbra 8.8.15 P7 Release Notes for specific patching instructions. Proof of Concept (PoC) authenticated as admin via SSRF