CVE-2013-5119

Zimbra Collaboration Suite <6.0.16 - Info Disclosure

Title source: llm

Description

Zimbra Collaboration Suite (ZCS) 6.0.16 and earlier allows man-in-the-middle attackers to obtain access by sniffing the network and replaying the ZM_AUTH_TOKEN token.

References (3)

[Third Party Advisory] http://archives.neohapsis.com/archives/bugtraq/2013-09/0063.html

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/62407

[Third Party Advisory, VDB Entry] http://osvdb.org/97290

Scores

EPSS 0.0027

EPSS Percentile 49.8%

Classification

CWE

CWE-287

Status draft

Affected Products (16)

synacor/zimbra_collaboration_suite < 6.0.16

synacor/zimbra_collaboration_suite

synacor/zimbra_collaboration_suite

synacor/zimbra_collaboration_suite

synacor/zimbra_collaboration_suite

synacor/zimbra_collaboration_suite

synacor/zimbra_collaboration_suite

synacor/zimbra_collaboration_suite

synacor/zimbra_collaboration_suite

synacor/zimbra_collaboration_suite

synacor/zimbra_collaboration_suite

synacor/zimbra_collaboration_suite

synacor/zimbra_collaboration_suite

synacor/zimbra_collaboration_suite

synacor/zimbra_collaboration_suite

... and 1 more

Timeline

Published Sep 23, 2013

Tracked Since Feb 18, 2026