
Zimbra has warned that its email software has a serious zero-day security flaw that is being exploited in the wild.
“A security vulnerability has surfaced in Zimbra Collaboration Suite version 8.8.15 that may affect the confidentiality and integrity of data,” the company said in its advisory.
The company also said that the issue has been resolved and that the fix will be available in the July patch release. No additional details regarding this flaw are currently available.
In the meantime, the company encourages customers to apply a manual fix to eliminate the attack vector:
- Make a backup of the file /opt/zimbra/jetty/webapps/zimbra/m/momoveto.
- Edit this file and go to line number 40
- Update the parameter values as follows:
- Before the update, this line looked like this:
The company did not disclose the details of the active exploitation, but Google Threat Analysis Group (TAG) researcher Maddie Stone said that a cross-site scripting (XSS) flaw was found being exploited as part of a targeted attack. TAG researcher Clément Lecigne is credited with finding and reporting the bug.
This disclosure follows Cisco’s release of a patch to fix a critical flaw (CVE-2023-20214, CVSS score: 9.1) in its SD-WAN vManage software. This flaw could allow an unauthenticated, remote attacker to gain read or restricted write permissions to the configuration of the affected Cisco SD-WAN vManage instance.
“A successful exploit could allow the attacker to obtain information from or send information to the configuration of the affected Cisco vManage instance,” the company said.
This vulnerability has been resolved in versions 20.6.3.4, 20.6.4.2, 20.6.5.5, 20.9.3.2, 20.10.1.2, and 20.11.1.2. The network equipment giant said it was not aware of any exploitation of the flaw.