CVE-2024-45519
In short
An unauthenticated attacker can execute arbitrary commands on a Zimbra email server through the postjournal service, bypassing all security protections without needing valid credentials.
Technical detail
The postjournal service in Zimbra Collaboration contains an unauthenticated command execution vulnerability (CWE-78, OS Command Injection). An attacker can send specially crafted requests to the vulnerable service to execute arbitrary commands with the privileges of the Zimbra process, affecting versions before 8.8.15 Patch 46, 9.0.0 Patch 41, 10.0.9, and 10.1.1.
Summary generated and translated by AI from the official description.
The postjournal service in Zimbra Collaboration (ZCS) before 8.8.15 Patch 46, 9 before 9.0.0 Patch 41, 10 before 10.0.9, and 10.1 before 10.1.1 sometimes allows unauthenticated users to execute commands.
CVSS:3.1/AC:L/AV:N/A:H/C:H/I:H/PR:N/S:C/UI:N
Affected products
n/a · n/a
Public PoCs found — 4
github · github.com/Chocapikk/CVE-2024-45519 · ★ 139
github · github.com/p33d/CVE-2024-45519 · ★ 42
github · github.com/sec13b/CVE-2024-45519 · ★ 0
cve_reference · blog.projectdiscovery.io/zimbra-remote-code-execution/ · unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
References
https://blog.projectdiscovery.io/zimbra-remote-code-execution/
https://wiki.zimbra.com/wiki/Security_Center
https://wiki.zimbra.com/wiki/Zimbra_Releases/10.0.9#Security_Fixes
https://wiki.zimbra.com/wiki/Zimbra_Releases/10.1.1#Security_Fixes
https://wiki.zimbra.com/wiki/Zimbra_Releases/8.8.15/P46#Security_Fixes
https://wiki.zimbra.com/wiki/Zimbra_Releases/9.0.0/P41#Security_Fixes
https://wiki.zimbra.com/wiki/Zimbra_Responsible_Disclosure_Policy
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-45519