
CERT-In identifies multiple high-severity vulnerabilities in Zimbra web-client and email platform

The vulnerabilities in Zimbra can be exploited by attackers to execute arbitrary code and bypass security restrictions on targeted systems 


The vulnerabilities in Zimbra, an email client competing with established products like Microsoft Outlook, Amazon WorkMail and Yahoo Business Mail, exist due to bugs in authentication processes, path traversal and remote code execution. 


The remote code execution vulnerability can be used by an attacker with administrative rights to execute a specially crafted request to upload arbitrary files. After gaining entry, the attacker can traverse directories and access code, data, credentials, and sensitive operating files. The vulnerability exists due to improper uploading of files by the mboximport function.

The authentication bypass vulnerability can be exploited by a remote attacker by sending a specially crafted request to the targeted system. Successful exploitation of this vulnerability can allow attackers to bypass security restrictions on the system and stage further attacks. The vulnerability also exists due to improper uploading of files by the mboximport function.

The path traversal vulnerability can allow an unauthenticated attacker to gain access to sensitive information on the target system by executing arbitrary code on it. This vulnerability exists in the UnRAR utility used in Zimbra due to improper limitation of a path name to a restricted directory.

The alert from CERT-In also noted that the remote code execution vulnerability, when used in conjunction with the path traversal vulnerability, can allow attackers to remotely carry out attacks of severe criticality and compromise the servers used by Zimbra’s mail services.

CERT-In noted that the high-severity vulnerabilities exist in Zimbra Collaboration versions prior to 9.00.0, 8.8.15 and RARLAB UnRAR prior to 6.12 on Linux and UNIX.

Applying the latest software fixes available on Zimbra’s website has been suggested to fix these vulnerabilities.



Printable version | Aug 17, 2022 5:59:30 pm | https://www.thehindu.com/sci-tech/technology/cert-in-identifies-multiple-high-severity-vulnerabilities-in-zimbra-web-client-and-email-platform/article65779219.ece