Skip to main content

EUVDEUVD-2026-13692

| CVE-2026-33369 MEDIUM
Improper Input Validation (CWE-20)
2026-03-20 mitre
4.3
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
4.3 MEDIUM
AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
None
Availability
None

Lifecycle Timeline

3
EUVD ID Assigned
Mar 20, 2026 - 14:15 euvd
EUVD-2026-13692
Analysis Generated
Mar 20, 2026 - 14:15 vuln.today
CVE Published
Mar 20, 2026 - 00:00 nvd
MEDIUM 4.3

DescriptionCVE.org

Zimbra Collaboration (ZCS) 10.0 and 10.1 contains an LDAP injection vulnerability in the Mailbox SOAP service within a FolderAction operation. The application fails to properly sanitize user-supplied input before incorporating it into an LDAP search filter. An authenticated attacker can exploit this issue by sending a crafted SOAP request that manipulates the LDAP query, allowing retrieval of sensitive directory attributes.

AnalysisAI

An LDAP injection vulnerability exists in Zimbra Collaboration Server (ZCS) versions 10.0 and 10.1 within the Mailbox SOAP service's FolderAction operation. An authenticated attacker can exploit this issue by sending a crafted SOAP request containing malicious LDAP filter syntax to bypass input validation and retrieve sensitive directory attributes from the LDAP backend. This vulnerability enables information disclosure of directory data that should be access-controlled.

Technical ContextAI

The vulnerability exists in the SOAP-based Mailbox service, which interfaces with the underlying LDAP directory service used by Zimbra for user and group management. The FolderAction operation accepts user input that is incorporated directly into LDAP search filters without proper sanitization or parameterization. LDAP injection (related to CWE-90: Improper Neutralization of Special Elements used in an LDAP Query) occurs when special LDAP metacharacters such as asterisks (*), parentheses, and Boolean operators are not escaped before being passed to the LDAP search engine. The affected products include Zimbra Collaboration Server (ZCS) as identified in vendor security advisories and release notes, though the specific CPE string was not fully populated in public records at the time of CVE assignment.

RemediationAI

Upgrade Zimbra Collaboration Server to version 10.1.16 or later, which includes the security fix for this LDAP injection vulnerability as documented at https://wiki.zimbra.com/wiki/Zimbra_Releases/10.1.16#Security_Fixes. For organizations unable to patch immediately, implement network-level access controls to restrict SOAP service access to trusted administrative networks and disable FolderAction operations for non-administrative accounts if operationally feasible. Review LDAP query logs for signs of exploitation attempts using patterns containing LDAP metacharacters. Consult Zimbra's Responsible Disclosure Policy (https://wiki.zimbra.com/wiki/Zimbra_Responsible_Disclosure_Policy) and Security Center (https://wiki.zimbra.com/wiki/Security_Center) for additional guidance.

Share

EUVD-2026-13692 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy