A critical vulnerability in Zimbra Collaboration, known as CVE-2024-45519, has been identified in the Zimbra’s post-journal service. This flaw could allow for remote code execution (RCE), enabling attackers to execute arbitrary commands with the privileges of the Zimbra user. Consequently, they may be able to install programs or access, modify, or delete data.

Systems Affected:

• Zimbra Collaboration versions prior to 9.0.0 Patch 41.

• Zimbra Collaboration versions prior to 10.0.9.

• Zimbra Collaboration versions prior to 10.1.1.

• Zimbra Collaboration versions prior to 8.8.15 Patch 46.

Security Risks

Successful exploitation of this vulnerability in Zimbra can result in a complete compromise of the server. This allows attackers to execute malicious commands and gain access to sensitive data.

Recommended Actions

The National Cyber Security Authority (NCSA) recommends users and system administrators to:

• Follow Zimbra's Security Advisories to lower the risk of potential exploits, protect systems, and ensure their security.

• Apply the required and latest security updates as soon as possible.

        The released software version to upgrade to, are but are not limited to:

• Zimbra Collaboration versions 9.0.0 Patch 41.

• Zimbra Collaboration versions 10.0.9.

• Zimbra Collaboration versions 10.1.1.

• Zimbra Collaboration versions 8.8.15 Patch 46.

Before any update task, please ensure you have a recent backup that can easily be restored.

For further information and support, please contact the National Cyber Security Authority (NCSA) by email to rwcsirt@ncsa.gov.rw or call us on 9009.

References

• Zimbra Security Advisories

• https://www.zimbra.com/product/download/