Security Alert: Critical Security Vulnerability in Zimbra Classic Web Client
A critical vulnerability has been identified in the Zimbra Collaboration Suite (ZCS) Classic Web Client. Exploitation may allow malicious code execution through crafted emails, leading to unauthorized access to mailbox data and account settings.
Affected Systems:
Zimbra Collaboration Suite (ZCS): Systems using the Classic Web Client with versions prior to 10.1.19.
Security Risks
Successful exploitation could enable attackers to run malicious code when a crafted email is opened. This may result in unauthorized access to user sessions, mailbox contents, or account configuration.
The National Cyber Security Authority (NCSA) recommends users and system administrators to:
1. Update affected Zimbra Collaboration Suite (ZCS) Classic Web Client installations as soon as possible to the latest supported security releases to address the vulnerability.