RULE(RULE ID:323770)

Rule General Information
Release Date: 2019-11-28
Rule Name: Zimbra Collaboration Autodiscover Servlet ProxyServlet SSRF Vulnerability (CVE-2019-9621)
Rule Protection Details
Description: Zimbra Collaboration Suite before 8.6 patch 13, 8.7.x before 8.7.11 patch 10, and 8.8.x before 8.8.10 patch 7 or 8.8.x before 8.8.11 patch 3 allows SSRF via the ProxyServlet component.
Impact: An attacker could exploit this vulnerability to have unspecified effect.
Affected OS: Windows, Others
Reference: ExploitDB:46693
The vendors have released upgrade patches to fix vulnerabilities, please visit: