Synacor Zimbra Collaboration Suite up to 8.7.x/8.8.11 IMAP Deserialization unknown vulnerability
| CVSS Meta Temp Score | Current Exploit Price (โ) |
|---|---|
| 5.5 | $0-$5k |
A vulnerability was found in Synacor Zimbra Collaboration Suite up to 8.7.x/8.8.11. It has been classified as critical. Affected is code of the component IMAP. CWE is classifying the issue as CWE-502. The impact remains unknown. CVE summarizes:
Synacor Zimbra Collaboration Suite 8.7.x through 8.8.11 allows insecure object deserialization in the IMAP component.
The weakness was presented 05/29/2019. This vulnerability is traded as CVE-2019-6980 since 01/28/2019. There are neither technical details nor an exploit publicly available. The current price for an exploit might be approx. USD $0-$5k (estimation calculated on 05/30/2019).
There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.
Vendor
Name
Class: Unknown / Deserialization (CWE-502)
Local: Yes
Remote: No
Availability: ๐
Status: Not defined
Price Prediction: ๐
Current Price Estimation: ๐
| 0-Day | unlock | unlock | unlock | unlock |
|---|---|---|---|---|
| Today | unlock | unlock | unlock | unlock |
Threat Intelligence
Threat: ๐
Adversaries: ๐
Geopolitics: ๐
Economy: ๐
Predictions: ๐
Remediation: ๐Recommended: no mitigation known
0-Day Time: ๐
01/28/2019 CVE assigned
05/29/2019 Advisory disclosed
05/30/2019 VulDB entry created
05/30/2019 VulDB last update
CVE: CVE-2019-6980 (๐)Created: 05/30/2019 09:45 AM
Complete: ๐
See the underground prices here!
https://vuldb.com/?id.135708
Gloss