Skip to main content

Zarafa Collaboration Platform

3 CVEs product

Monthly

CVE-2015-6566 HIGH This Week

zarafa-autorespond in Zarafa Collaboration Platform (ZCP) before 7.2.1 allows local users to gain privileges via a symlink attack on /tmp/zarafa-vacation-*. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Zarafa Collaboration Platform Fedora
NVD
CVSS 3.0
8.4
EPSS
0.0%
CVE-2015-3436 MEDIUM This Month

provider/server/ECServer.cpp in Zarafa Collaboration Platform (ZCP) before 7.1.13 and 7.2.x before 7.2.1 allows local users to write to arbitrary files via a symlink attack on. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Zarafa Collaboration Platform
NVD
CVSS 2.0
6.6
EPSS
0.0%
CVE-2014-9465 MEDIUM POC This Month

senddocument.php in Zarafa WebApp before 2.0 beta 3 and WebAccess in Zarafa Collaboration Platform (ZCP) 7.x before 7.1.12 beta 1 and 7.2.x before 7.2.0 beta 1 allows remote attackers to cause a. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service PHP Fedora Webapp Zarafa Collaboration Platform
NVD
CVSS 2.0
5.0
EPSS
2.5%
EPSS 0% CVSS 8.4
HIGH This Week

zarafa-autorespond in Zarafa Collaboration Platform (ZCP) before 7.2.1 allows local users to gain privileges via a symlink attack on /tmp/zarafa-vacation-*. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Zarafa Collaboration Platform Fedora
NVD
EPSS 0% CVSS 6.6
MEDIUM This Month

provider/server/ECServer.cpp in Zarafa Collaboration Platform (ZCP) before 7.1.13 and 7.2.x before 7.2.1 allows local users to write to arbitrary files via a symlink attack on. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Zarafa Collaboration Platform
NVD
EPSS 3% CVSS 5.0
MEDIUM POC This Month

senddocument.php in Zarafa WebApp before 2.0 beta 3 and WebAccess in Zarafa Collaboration Platform (ZCP) 7.x before 7.1.12 beta 1 and 7.2.x before 7.2.0 beta 1 allows remote attackers to cause a. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service PHP Fedora +2
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy