CVE-2024-45519

None

Description

The postjournal service in Zimbra Collaboration (ZCS) before 8.8.15 Patch 46, 9 before 9.0.0 Patch 41, 10 before 10.0.9, and 10.1 before 10.1.1 sometimes allows unauthenticated users to execute commands.

INFO

Published Date :

2024-10-02T00:00:00.000Z

Last Modified :

2026-02-03T19:27:04.871Z

Source :

mitre

AFFECTED PRODUCTS

The following products are affected by CVE-2024-45519 vulnerability.

Vendors	Products
Synacor	Zimbra Collaboration Suite

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-45519.

URL	Resource
https://blog.projectdiscovery.io/zimbra-remote-code-execution/
https://wiki.zimbra.com/wiki/Security_Center
https://wiki.zimbra.com/wiki/Zimbra_Releases/10.0.9#Security_Fixes
https://wiki.zimbra.com/wiki/Zimbra_Releases/10.1.1#Security_Fixes
https://wiki.zimbra.com/wiki/Zimbra_Releases/8.8.15/P46#Security_Fixes
https://wiki.zimbra.com/wiki/Zimbra_Releases/9.0.0/P41#Security_Fixes
https://wiki.zimbra.com/wiki/Zimbra_Responsible_Disclosure_Policy
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-45519

CVSS Vulnerability Scoring System

V3.1

Detailed values of each vector for above chart.

Attack Complexity

Attack Vector

Availability Impact

Confidentiality Impact

Integrity Impact

Privileges Required

Scope

User Interaction