CVE-2024-45519

Scores

EPSS

0.941high94.1%

0%20%40%60%80%100%

Percentile: 94.1%

CVSS

9.8critical3.x

0246810

CVSS Score: 9.8/10

All CVSS Scores

CVSS 3.x

9.8

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Description

The postjournal service in Zimbra Collaboration (ZCS) before 8.8.15 Patch 46, 9 before 9.0.0 Patch 41, 10 before 10.0.9, and 10.1 before 10.1.1 sometimes allows unauthenticated users to execute commands.

Scaner-VS 7 — a modern vulnerability management solution

Uses this database for vulnerability detection. High-speed search, cross-platform, advanced configuration audit, and flexible filtering. Suitable for organizations of any size.

Learn more about Scaner-VS 7

Sources

nvd

CWEs

78CWE-78

Related Vulnerabilities

BDU:2024-07279

Exploits

Exploit ID: CVE-2024-45519

Source: github-poc

URL: https://github.com/sec13b/CVE-2024-45519

Reference Links

http://wiki.zimbra.com/wiki/Security_Center#ZCS_9.0.0_Patch_41_Released

http://wiki.zimbra.com/wiki/Security_Center#ZCS_8.8.15_Patch_46_Released

http://wiki.zimbra.com/wiki/Security_Center#ZCS_10.0.9_Released

http://wiki.zimbra.com/wiki/Security_Center#ZCS_10.1.1_Released

https://wiki.zimbra.com/wiki/Security_Center

https://wiki.zimbra.com/wiki/Zimbra_Releases/10.0.9#Security_Fixes

https://wiki.zimbra.com/wiki/Zimbra_Releases/10.1.1#Security_Fixes

https://wiki.zimbra.com/wiki/Zimbra_Releases/8.8.15/P46#Security_Fixes

https://wiki.zimbra.com/wiki/Zimbra_Releases/9.0.0/P41#Security_Fixes

https://wiki.zimbra.com/wiki/Zimbra_Responsible_Disclosure_Policy

https://blog.projectdiscovery.io/zimbra-remote-code-execution/

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-45519

Vulnerable Software (1)

Type: Configuration

Vendor: *

Product: zimbra_collaboration_suite

Operating System: * * *

Trait:

{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:*:*:*:*:*:*:*:*",      "versionEndExcluding": "8.8.15",      "vulnerable": true    },    {      "cpe23uri"...

{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:*:*:*:*:*:*:*:*",      "versionEndExcluding": "8.8.15",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:*:*:*:*:*:*:*:*",      "versionEndExcluding": "10.0.9",      "versionStartIncluding": "10.0.0",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:-:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p1:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p10:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p11:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p12:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p13:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p14:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p15:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p16:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p17:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p18:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p19:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p2:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p20:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p21:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p22:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p23:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p24:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p25:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p26:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p27:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p28:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p29:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p3:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p30:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p31:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p31.1:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p32:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p33:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p34:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p35:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p36:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p37:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p38:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p39:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p4:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p40:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p41:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p42:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p43:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p44:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p45:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p5:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p6:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p7:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p8:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p9:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:-:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p1:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p10:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p11:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p12:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p13:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p14:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p15:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p16:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p17:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p18:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p19:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p2:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p20:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p21:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p22:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p23:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p24:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p24.1:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p25:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p26:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p27:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p28:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p29:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p3:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p30:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p31:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p32:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p33:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p34:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p35:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p36:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p37:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p38:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p39:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p4:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p40:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p5:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p6:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p7:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p8:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p9:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:synacor:zimbra_collaboration_suite:10.1.0:*:*:*:*:*:*:*",      "vulnerable": true    }  ],  "operator": "OR"}

Source: nvd

End of list

Russian Vulnerability Scanner Database

CVE-2024-45519

Scores

EPSS

CVSS

All CVSS Scores

Vector Breakdown

CVSS

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact

Description

Scaner-VS 7 — a modern vulnerability management solution

Sources

CWEs

Related Vulnerabilities

Exploits

Reference Links

Vulnerable Software (1)