How to fix EUVD-2026-13692?

EUVD-2026-13692

| CVE-2026-33369 MEDIUM

2026-03-20 mitre

4.3

CVSS 3.1

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

None

Availability

None

Lifecycle Timeline

Analysis Generated

Mar 20, 2026 - 14:15 vuln.today

EUVD ID Assigned

Mar 20, 2026 - 14:15 euvd

EUVD-2026-13692

CVE Published

Mar 20, 2026 - 00:00 nvd

MEDIUM 4.3

Description

Zimbra Collaboration (ZCS) 10.0 and 10.1 contains an LDAP injection vulnerability in the Mailbox SOAP service within a FolderAction operation. The application fails to properly sanitize user-supplied input before incorporating it into an LDAP search filter. An authenticated attacker can exploit this issue by sending a crafted SOAP request that manipulates the LDAP query, allowing retrieval of sensitive directory attributes.

Analysis

An LDAP injection vulnerability exists in Zimbra Collaboration Server (ZCS) versions 10.0 and 10.1 within the Mailbox SOAP service's FolderAction operation. An authenticated attacker can exploit this issue by sending a crafted SOAP request containing malicious LDAP filter syntax to bypass input validation and retrieve sensitive directory attributes from the LDAP backend. …

Remediation

Within 30 days: Identify affected systems running the Mailbox SOAP service within a FolderAction operation. Th and apply vendor patches as part of regular patch cycle. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.0

CVSS: +22

POC: 0

EUVD-2026-13692 vulnerability details – vuln.today

Back

EUVD-2026-13692

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Remediation

Analysis

Full analysis requires sign-in

Priority Score

Share

EUVD-2026-13692

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Remediation

Full analysis requires sign-in

Priority Score

Share

External POC / Exploit Code