Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
attackerkbAttackerKBAKB:7FAC2D47-5477-4C40-9311-7F00D612818F
HistoryMay 29, 2019 - 12:00 a.m.

CVE-2019-9670

2019-05-2900:00:00
attackerkb.com
29

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.975

Percentile

100.0%

JSON

mailboxd component in Synacor Zimbra Collaboration Suite 8.7.x before 8.7.11p10 has an XML External Entity injection (XXE) vulnerability, as demonstrated by Autodiscover/Autodiscover.xml.

Recent assessments:

Assessed Attacker Value: 0
Assessed Attacker Value: 0Assessed Attacker Value: 0

Related

nuclei 1
osv 1
prion 1
nessus 1
githubexploit 2
cve 1
nvd 1
cisa_kev 1
cvelist 1
attackerkb 1
zdt 1
packetstorm 1
metasploit 1
exploitdb 1
threatpost 3
thn 5
malwarebytes 2
cisa 2
qualysblog 1
ics 1
nuclei
nuclei
Synacor Zimbra Collaboration <8.7.11p10 - XML External Entity Injection
2020-10-29 10:53:46
osv
osv
CVE-2019-9670
2019-05-29 22:29:01
prion
prion
Xxe
2019-05-29 22:29:00
nessus
nessus
Zimbra Collaboration Server 8.7.x < 8.7.11p10 XML External Entity injection (XXE) vulnerability
2019-08-12 00:00:00
githubexploit
githubexploit
Exploit for Improper Restriction of XML External Entity Reference in Synacor Zimbra Collaboration Suite
2019-08-16 04:37:11
Exploit for Improper Restriction of XML External Entity Reference in Synacor Zimbra Collaboration Suite
2019-08-16 15:22:27
cve
cve
CVE-2019-9670
2019-05-29 22:29:01
nvd
nvd
CVE-2019-9670
2019-05-29 22:29:01
cisa_kev
cisa_kev
Synacor Zimbra Collaboration (ZCS) Improper Restriction of XML External Entity Reference
2022-01-10 00:00:00
cvelist
cvelist
CVE-2019-9670
2019-05-29 21:04:28
attackerkb
attackerkb
Zimbra Collaboration Suite Autodiscover XXE
2019-05-29 00:00:00
zdt
zdt
Zimbra Collaboration Autodiscover Servlet XXE / ProxyServlet SSRF Exploit
2019-04-11 00:00:00
packetstorm
packetstorm
Zimbra Collaboration Autodiscover Servlet XXE / ProxyServlet SSRF
2019-04-11 00:00:00
metasploit
metasploit
Zimbra Collaboration Autodiscover Servlet XXE and ProxyServlet SSRF
2019-04-01 12:32:57
exploitdb
exploitdb
Zimbra Collaboration - Autodiscover Servlet XXE and ProxyServlet SSRF (Metasploit)
2019-04-12 00:00:00
threatpost
threatpost
Zimbra Server Bugs Could Lead to Email Plundering
2021-07-27 17:30:28
Hackers Look to Steal COVID-19 Vaccine Research
2020-07-16 18:05:20
NSA: 5 Security Bugs Under Active Nation-State Cyberattack
2021-04-16 18:10:09
thn
thn
US Sanctions Russia and Expels 10 Diplomats Over SolarWinds Cyberattack
2021-04-15 16:55:00
FBI, CISA Uncover Tactics Employed by Russian Intelligence Hackers
2021-04-27 09:14:00
Earth Lusca's New SprySOCKS Linux Backdoor Targets Government Entities
2023-09-19 11:10:00
malwarebytes
malwarebytes
Patch now! NSA, CISA, and FBI warn of Russian intelligence exploiting 5 vulnerabilities
2021-04-16 14:59:38
Atomic research institute breached via VPN vulnerability
2021-06-21 13:53:03
cisa
cisa
NSA-CISA-FBI Joint Advisory on Russian SVR Targeting U.S. and Allied Networks
2021-04-15 00:00:00
CISA Adds 15 Known Exploited Vulnerabilities to Catalog
2022-01-10 00:00:00
qualysblog
qualysblog
Russia-Ukraine Crisis: How to Strengthen Your Security Posture to Protect against Cyber Attack, based on CISA Guidelines
2022-02-26 20:20:32
ics
ics
Understanding and Mitigating Russian State-Sponsored Cyber Threats to U.S. Critical Infrastructure
2022-03-01 12:00:00

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.975

Percentile

100.0%

JSON
Related for AKB:7FAC2D47-5477-4C40-9311-7F00D612818F
nuclei1osv1prion1nessus1githubexploit2cve1nvd1cisa_kev1cvelist1attackerkb1zdt1packetstorm1metasploit1exploitdb1threatpost3thn5malwarebytes2cisa2qualysblog1ics1