CVE-2019-9621

CVSS 7.5 HIGH · EPSS 80.9% · KEV · CWE-918
In short

Zimbra email servers before certain patch versions allow attackers to make requests to internal servers by exploiting the ProxyServlet component. This lets attackers access systems they shouldn't be able to reach from the internet.

Technical detail

A Server-Side Request Forgery (SSRF) vulnerability in Zimbra's ProxyServlet allows unauthenticated or low-privileged attackers to forge HTTP requests to internal network resources. It affects unpatched versions of Zimbra Collaboration Suite 8.6, 8.7.x, and 8.8.x, potentially exposing internal services and sensitive data.

Summary generated and translated by AI from the official description.
Zimbra Collaboration Suite before 8.6 patch 13, 8.7.x before 8.7.11 patch 10, and 8.8.x before 8.8.10 patch 7 or 8.8.x before 8.8.11 patch 3 allows SSRF via the ProxyServlet component.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Affected products
n/a · n/a
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
