Zimbra Authentication Bypass in MailboxImportServlet vulnerability and Zimlet deprecation
Barry de Graaff
info at barrydegraaff.nl
Wed Aug 10 16:08:57 CEST 2022
Hello All,
For those not updated to Zimbra 8.8.15 patch 33 and Zimbra 9.0.0 patch
26 do so ASAP, see more details here:
https://blog.zimbra.com/2022/08/authentication-bypass-in-mailboximportservlet-vulnerability/
In addition the following Zimlets now have an end-of-life indication:
1. Deprecation of PGP Zimlet:
https://github.com/Zimbra-Community/pgp-zimlet last Zimbra version
supported 9.0.0.
2. Deprecation of Zimbra FOSS 2FA
https://github.com/Zimbra-Community/zimbra-foss-2fa last Zimbra
version supported 8.8.15.
Best regards,
Barry de Graaff
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.zetalliance.org/pipermail/users_lists.zetalliance.org/attachments/20220810/373df087/attachment.html>
More information about the Users
mailing list