2023-04-24 12:24:31 +02:00
{
"id" : "CVE-2018-10950" ,
"sourceIdentifier" : "cve@mitre.org" ,
"published" : "2018-05-10T01:29:05.707" ,
2024-11-23 09:11:19 +00:00
"lastModified" : "2024-11-21T03:42:22.690" ,
"vulnStatus" : "Modified" ,
2024-12-08 03:06:42 +00:00
"cveTags" : [ ] ,
2023-04-24 12:24:31 +02:00
"descriptions" : [
{
"lang" : "en" ,
"value" : "mailboxd in Zimbra Collaboration Suite 8.8 before 8.8.8; 8.7 before 8.7.11.Patch3; and 8.6 before 8.6.0.Patch10 allows Information Exposure through Verbose Error Messages containing a stack dump, tracing data, or full user-context dump."
} ,
{
"lang" : "es" ,
"value" : "mailboxd en Zimbra Collaboration Suite, en versiones 8.8 anteriores a la 8.8.8; versiones 8.7 anteriores a la 8.7.11.Patch3 y versiones 8.6 anteriores a la 8.6.0.Patch10, permite la exposici\u00f3n de informaci\u00f3n mediante mensajes de error verbose que contienen un volcado de pila, datos de rastreo o un volcado completo del contexto del usuario."
}
] ,
"metrics" : {
"cvssMetricV30" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"cvssData" : {
"version" : "3.0" ,
"vectorString" : "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" ,
2024-11-23 09:11:19 +00:00
"baseScore" : 5.3 ,
"baseSeverity" : "MEDIUM" ,
2023-04-24 12:24:31 +02:00
"attackVector" : "NETWORK" ,
"attackComplexity" : "LOW" ,
"privilegesRequired" : "NONE" ,
"userInteraction" : "NONE" ,
"scope" : "UNCHANGED" ,
"confidentialityImpact" : "LOW" ,
"integrityImpact" : "NONE" ,
2024-11-23 09:11:19 +00:00
"availabilityImpact" : "NONE"
2023-04-24 12:24:31 +02:00
} ,
"exploitabilityScore" : 3.9 ,
"impactScore" : 1.4
}
] ,
"cvssMetricV2" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"cvssData" : {
"version" : "2.0" ,
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:N/A:N" ,
2024-11-23 09:11:19 +00:00
"baseScore" : 5.0 ,
2023-04-24 12:24:31 +02:00
"accessVector" : "NETWORK" ,
"accessComplexity" : "LOW" ,
"authentication" : "NONE" ,
"confidentialityImpact" : "PARTIAL" ,
"integrityImpact" : "NONE" ,
2024-11-23 09:11:19 +00:00
"availabilityImpact" : "NONE"
2023-04-24 12:24:31 +02:00
} ,
"baseSeverity" : "MEDIUM" ,
"exploitabilityScore" : 10.0 ,
"impactScore" : 2.9 ,
"acInsufInfo" : false ,
"obtainAllPrivilege" : false ,
"obtainUserPrivilege" : false ,
"obtainOtherPrivilege" : false ,
"userInteractionRequired" : false
}
]
} ,
"weaknesses" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"description" : [
{
"lang" : "en" ,
"value" : "CWE-200"
}
]
}
] ,
"configurations" : [
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:synacor:zimbra_collaboration_suite:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "8.7.0" ,
"versionEndExcluding" : "8.7.11" ,
"matchCriteriaId" : "9A91CE8F-5E21-459E-A253-A1706357B82B"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:synacor:zimbra_collaboration_suite:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "8.8.0" ,
"versionEndExcluding" : "8.8.8" ,
"matchCriteriaId" : "48C99285-82BF-4C22-991C-D3742B19AFED"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.6.0:-:*:*:*:*:*:*" ,
"matchCriteriaId" : "09016525-12F2-49D0-A803-E38294FE3EFC"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.6.0:patch1:*:*:*:*:*:*" ,
"matchCriteriaId" : "256ABB7E-46FB-471A-95D1-589A2F985BF9"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.6.0:patch2:*:*:*:*:*:*" ,
"matchCriteriaId" : "6A4EE384-AB5A-42AB-8BD9-7B41235A3285"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.6.0:patch3:*:*:*:*:*:*" ,
"matchCriteriaId" : "E06F070B-CB6E-46A8-94BE-4C036DDD79AC"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.6.0:patch4:*:*:*:*:*:*" ,
"matchCriteriaId" : "C7932C40-61F8-4267-894B-A843D7465571"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.6.0:patch5:*:*:*:*:*:*" ,
"matchCriteriaId" : "72038138-CDB7-4790-A5C7-5F0EC6334A0D"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.6.0:patch6:*:*:*:*:*:*" ,
"matchCriteriaId" : "B0677BB2-9D02-4F88-8210-969ECBC23C30"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.6.0:patch7:*:*:*:*:*:*" ,
"matchCriteriaId" : "F182ED10-C40E-4B90-AEBA-0C54B7D1BF6D"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.6.0:patch8:*:*:*:*:*:*" ,
"matchCriteriaId" : "ABBDA068-C4C8-4FE7-9E86-8778FD24B8F5"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.6.0:patch9:*:*:*:*:*:*" ,
"matchCriteriaId" : "D1C95543-0162-4F9A-A9F5-8D2534210489"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.7.11:-:*:*:*:*:*:*" ,
"matchCriteriaId" : "A98A1461-959C-4FC5-8860-76C3A9605F41"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.7.11:patch1:*:*:*:*:*:*" ,
"matchCriteriaId" : "BD265B8F-EA30-4871-86C2-92C04611A947"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.7.11:patch2:*:*:*:*:*:*" ,
"matchCriteriaId" : "A2FF8E1C-C700-45D1-B834-E23BF241DCC5"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:synacor:zimbra_collaboration_suite:8.7.11:patch3:*:*:*:*:*:*" ,
"matchCriteriaId" : "BA825F54-5CD7-4D27-88B1-CEEC5AE7EE93"
}
]
}
]
}
] ,
"references" : [
{
"url" : "https://bugzilla.zimbra.com/show_bug.cgi?id=108963" ,
"source" : "cve@mitre.org" ,
"tags" : [
"Issue Tracking" ,
"Third Party Advisory"
]
2024-11-23 09:11:19 +00:00
} ,
{
"url" : "https://bugzilla.zimbra.com/show_bug.cgi?id=108963" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Issue Tracking" ,
"Third Party Advisory"
]
2023-04-24 12:24:31 +02:00
}
]
}
