CVE-2023-38750

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Jul 31, 2023

Updated: Aug 4, 2023

Summary

CVE-2023-38750 is a cybersecurity vulnerability affecting Zimbra Collaboration Suite (ZCS) versions 8 before 8.8.15 Patch 41, 9 before 9.0.0 Patch 34, and 10 before 10.0.2. This issue allows attackers to expose internal JSP and XML files, potentially leading to unauthorized data access or disclosure. The vulnerability may result in significant security risks if exploited, underscoring the importance of prompt patching. Users running affected ZCS versions should immediately update to the latest patch release to mitigate this issue.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Zimbra Collaboration Suite

Affected Vendors

Zimbra

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sG3iPM
https://www.cve.org/CVERecord?id=CVE-2023-38750
https://nvd.nist.gov/vuln/detail/CVE-2023-38750

Back to Vulnerability Database