: Zimbra Collaboration Suite (ZCS) before 8.8.15 Patch 7 .
Attackers may gain unauthorized access to sensitive internal information or resources. cve20207796 zimbra collaboration suite full
CVE-2020-7796 is a server-side request forgery (SSRF) vulnerability in the Zimbra Collaboration Suite (ZCS) . It allows unauthenticated remote attackers to force the server to make HTTP requests to arbitrary internal or external hosts, effectively using the server as a proxy to bypass firewalls or access sensitive internal data. Vulnerability Details CVE ID: CVE-2020-7796 CVSS Score: 9.8 (Critical) Vulnerability Type: SSRF (CWE-918) : Zimbra Collaboration Suite (ZCS) before 8
The response lists every admin email hash. She extracts admin@logi-core.local . cve20207796 zimbra collaboration suite full
A proof-of-concept exploit has been publicly disclosed, demonstrating how an attacker can exploit the vulnerability to read sensitive files and execute system commands.