CVE-2023-34193 - NVD | ByteOS Network

NVD Vulnerability Details :

CVE-2023-34193

Analyzed

More Info Official Page

Source-cve@mitre.org

Published At-06 Jul, 2023 | 16:15

Updated At-12 Jul, 2023 | 23:13

File Upload vulnerability in Zimbra ZCS 8.8.15 allows an authenticated privileged user to execute arbitrary code and obtain sensitive information via the ClientUploader function.

Metrics

Type	Version	Base score	Base severity	Vector
Primary	3.1	8.8	HIGH	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CPE Matches

>>collaboration>>8.8.15

cpe:2.3:a:zimbra:collaboration:8.8.15:-:*:*:*:*:*:*

>>collaboration>>8.8.15

cpe:2.3:a:zimbra:collaboration:8.8.15:p1:*:*:*:*:*:*

>>collaboration>>8.8.15

cpe:2.3:a:zimbra:collaboration:8.8.15:p10:*:*:*:*:*:*

>>collaboration>>8.8.15

cpe:2.3:a:zimbra:collaboration:8.8.15:p11:*:*:*:*:*:*

>>collaboration>>8.8.15

cpe:2.3:a:zimbra:collaboration:8.8.15:p12:*:*:*:*:*:*

>>collaboration>>8.8.15

cpe:2.3:a:zimbra:collaboration:8.8.15:p13:*:*:*:*:*:*

>>collaboration>>8.8.15

cpe:2.3:a:zimbra:collaboration:8.8.15:p14:*:*:*:*:*:*

>>collaboration>>8.8.15

cpe:2.3:a:zimbra:collaboration:8.8.15:p15:*:*:*:*:*:*

>>collaboration>>8.8.15

cpe:2.3:a:zimbra:collaboration:8.8.15:p16:*:*:*:*:*:*

>>collaboration>>8.8.15

cpe:2.3:a:zimbra:collaboration:8.8.15:p17:*:*:*:*:*:*

>>collaboration>>8.8.15

cpe:2.3:a:zimbra:collaboration:8.8.15:p18:*:*:*:*:*:*

>>collaboration>>8.8.15

cpe:2.3:a:zimbra:collaboration:8.8.15:p19:*:*:*:*:*:*

>>collaboration>>8.8.15

cpe:2.3:a:zimbra:collaboration:8.8.15:p2:*:*:*:*:*:*

>>collaboration>>8.8.15

cpe:2.3:a:zimbra:collaboration:8.8.15:p20:*:*:*:*:*:*

>>collaboration>>8.8.15

cpe:2.3:a:zimbra:collaboration:8.8.15:p21:*:*:*:*:*:*

>>collaboration>>8.8.15

cpe:2.3:a:zimbra:collaboration:8.8.15:p22:*:*:*:*:*:*

>>collaboration>>8.8.15

cpe:2.3:a:zimbra:collaboration:8.8.15:p23:*:*:*:*:*:*

>>collaboration>>8.8.15

cpe:2.3:a:zimbra:collaboration:8.8.15:p24:*:*:*:*:*:*

>>collaboration>>8.8.15

cpe:2.3:a:zimbra:collaboration:8.8.15:p25:*:*:*:*:*:*

>>collaboration>>8.8.15

cpe:2.3:a:zimbra:collaboration:8.8.15:p26:*:*:*:*:*:*

>>collaboration>>8.8.15

cpe:2.3:a:zimbra:collaboration:8.8.15:p27:*:*:*:*:*:*

>>collaboration>>8.8.15

cpe:2.3:a:zimbra:collaboration:8.8.15:p28:*:*:*:*:*:*

>>collaboration>>8.8.15

cpe:2.3:a:zimbra:collaboration:8.8.15:p29:*:*:*:*:*:*

>>collaboration>>8.8.15

cpe:2.3:a:zimbra:collaboration:8.8.15:p3:*:*:*:*:*:*

>>collaboration>>8.8.15

cpe:2.3:a:zimbra:collaboration:8.8.15:p30:*:*:*:*:*:*

>>collaboration>>8.8.15

cpe:2.3:a:zimbra:collaboration:8.8.15:p31:*:*:*:*:*:*

>>collaboration>>8.8.15

cpe:2.3:a:zimbra:collaboration:8.8.15:p32:*:*:*:*:*:*

>>collaboration>>8.8.15

cpe:2.3:a:zimbra:collaboration:8.8.15:p33:*:*:*:*:*:*

>>collaboration>>8.8.15

cpe:2.3:a:zimbra:collaboration:8.8.15:p34:*:*:*:*:*:*

>>collaboration>>8.8.15

cpe:2.3:a:zimbra:collaboration:8.8.15:p35:*:*:*:*:*:*

>>collaboration>>8.8.15

cpe:2.3:a:zimbra:collaboration:8.8.15:p37:*:*:*:*:*:*

>>collaboration>>8.8.15

cpe:2.3:a:zimbra:collaboration:8.8.15:p4:*:*:*:*:*:*

>>collaboration>>8.8.15

cpe:2.3:a:zimbra:collaboration:8.8.15:p5:*:*:*:*:*:*

>>collaboration>>8.8.15

cpe:2.3:a:zimbra:collaboration:8.8.15:p6:*:*:*:*:*:*

>>collaboration>>8.8.15

cpe:2.3:a:zimbra:collaboration:8.8.15:p7:*:*:*:*:*:*

>>collaboration>>8.8.15

cpe:2.3:a:zimbra:collaboration:8.8.15:p8:*:*:*:*:*:*

>>collaboration>>8.8.15

cpe:2.3:a:zimbra:collaboration:8.8.15:p9:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-434	Primary	nvd@nist.gov

References

Hyperlink	Source	Resource
https://wiki.zimbra.com/wiki/Security_Center	cve@mitre.org	Release Notes Vendor Advisory
https://wiki.zimbra.com/wiki/Zimbra_Responsible_Disclosure_Policy	cve@mitre.org	Not Applicable
https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories	cve@mitre.org	Vendor Advisory