PULSE
LIVE37signals / 24h
FEED
ransomgunra reclama a Dissinger and Dissinger Law Firm · US · Business Servicesransomplay reclama a Boston Electric and Telephone · US · Telecommunicationransomplay reclama a Wring Group · GB · Not Foundransomincransom reclama a asa-international.com · GB · Business Servicesransomplay reclama a AG Scholtes · NL · Manufacturingransomplay reclama a Andorra Life · AD · Healthcareransomplay reclama a Svensk Direktreklam · SE · Business Servicesransomchaos reclama a radiax.com · US · Technologyransominterlock reclama a Converting Equipment International · GB · Manufacturingransomblack x reclama a sanaa · YE · Not Foundransomthegentlemen reclama a Tangram Interiors · GB · Business Servicesransomthegentlemen reclama a BRAC · BD · Business Servicesransomthegentlemen reclama a Customs Watch · US · Public Sectorransomthegentlemen reclama a Gallant · FI · Not Foundransomgunra reclama a Dissinger and Dissinger Law Firm · US · Business Servicesransomplay reclama a Boston Electric and Telephone · US · Telecommunicationransomplay reclama a Wring Group · GB · Not Foundransomincransom reclama a asa-international.com · GB · Business Servicesransomplay reclama a AG Scholtes · NL · Manufacturingransomplay reclama a Andorra Life · AD · Healthcareransomplay reclama a Svensk Direktreklam · SE · Business Servicesransomchaos reclama a radiax.com · US · Technologyransominterlock reclama a Converting Equipment International · GB · Manufacturingransomblack x reclama a sanaa · YE · Not Foundransomthegentlemen reclama a Tangram Interiors · GB · Business Servicesransomthegentlemen reclama a BRAC · BD · Business Servicesransomthegentlemen reclama a Customs Watch · US · Public Sectorransomthegentlemen reclama a Gallant · FI · Not Found
← All CVEs
CVE Watch

CVE-2024-45519

Synacor Zimbra Collaboration Suite (ZCS) Command Execution Vulnerability

CVSS

No CVSS

EPSS

99.9%

p100

KEV

YES

Oct 3, 2024

Exploit Today

80

0-100

Published: · Last modified:

EPSS · 30d
99.9%EPSS · 30 days100.0%
2026-06-302026-07-16
KEV catalog record

Product

Synacor / Zimbra Collaboration Suite (ZCS)

Vulnerability

Synacor Zimbra Collaboration Suite (ZCS) Command Execution Vulnerability

Added to KEV

Oct 3, 2024

Remediate by

Oct 24, 2024

Known ransomware use

No

Summary description

Synacor Zimbra Collaboration Suite (ZCS) contains an unspecified vulnerability in the postjournal service that may allow an unauthenticated user to execute commands.

Required action

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Notes

https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories ; https://nvd.nist.gov/vuln/detail/CVE-2024-45519

Related CVEs
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2019-9670
100.0%
KEV80Synacor Zimbra Collaboration Suite (ZCS) Improper Restriction of XML External Entity Reference
CVE-2022-27925
99.9%
KEV80Synacor Zimbra Collaboration Suite (ZCS) Arbitrary File Upload Vulnerability
CVE-2022-41352
99.9%
KEV80Synacor Zimbra Collaboration Suite (ZCS) Arbitrary File Upload Vulnerability
CVE-2022-37042
99.8%
KEV80Synacor Zimbra Collaboration Suite (ZCS) Authentication Bypass Vulnerability
CVE-2022-27924
99.7%
KEV80Synacor Zimbra Collaboration Suite (ZCS) Command Injection Vulnerability
CVE-2019-9621
99.6%
KEV80Synacor Zimbra Collaboration Suite (ZCS) Server-Side Request Forgery (SSRF) Vulnerability