Vulnerability Database

300,830

Total vulnerabilities in the database

CVE-2021-34807

An open redirect vulnerability exists in the /preauth Servlet in Zimbra Collaboration Suite through 9.0. To exploit the vulnerability, an attacker would need to have obtained a valid zimbra auth token or a valid preauth token. Once the token is obtained, an attacker could redirect a user to any URL via isredirect=1&redirectURL= in conjunction with the token data (e.g., a valid authtoken= value).

  • Published: Jul 2, 2021
  • Updated: Apr 14, 2023
  • CVE: CVE-2021-34807
  • Severity: Medium
  • Exploit:

CVSS v3:

  • Severity: Medium
  • Score: 6.1
  • AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CVSS v2:

  • Severity: Medium
  • Score: 5.8
  • AV:N/AC:M/Au:N/C:P/I:P/A:N

CWEs:

Software From Fixed in
zimbra / collaboration 9.0.0 9.0.0.x
zimbra / collaboration 9.0.0-p2 9.0.0-p2.x
zimbra / collaboration 9.0.0-p3 9.0.0-p3.x
zimbra / collaboration 9.0.0-p4 9.0.0-p4.x
zimbra / collaboration 9.0.0-p5 9.0.0-p5.x
zimbra / collaboration 9.0.0-p6 9.0.0-p6.x
zimbra / collaboration 9.0.0-p7 9.0.0-p7.x
zimbra / collaboration 9.0.0-p8 9.0.0-p8.x
zimbra / collaboration 9.0.0-p9 9.0.0-p9.x
zimbra / collaboration 9.0.0-p1 9.0.0-p1.x
zimbra / collaboration 8.8.15-p10 8.8.15-p10.x
zimbra / collaboration 8.8.15-p11 8.8.15-p11.x
zimbra / collaboration 8.8.15-p16 8.8.15-p16.x
zimbra / collaboration 8.8.15-p15 8.8.15-p15.x
zimbra / collaboration 8.8.15-p14 8.8.15-p14.x
zimbra / collaboration 8.8.15-p13 8.8.15-p13.x
zimbra / collaboration 8.8.15-p12 8.8.15-p12.x
zimbra / collaboration 8.8.15-p1 8.8.15-p1.x
zimbra / collaboration 8.8.15-p2 8.8.15-p2.x
zimbra / collaboration 8.8.15-p3 8.8.15-p3.x
zimbra / collaboration 8.8.15-p4 8.8.15-p4.x
zimbra / collaboration 8.8.15-p5 8.8.15-p5.x
zimbra / collaboration 8.8.15-p6 8.8.15-p6.x
zimbra / collaboration 8.8.15-p7 8.8.15-p7.x
zimbra / collaboration 8.8.15-p8 8.8.15-p8.x
zimbra / collaboration 8.8.15-p9 8.8.15-p9.x
zimbra / collaboration 8.8.15 8.8.15.x
zimbra / collaboration - 8.8.15
zimbra / collaboration 8.8.15-p17 8.8.15-p17.x
zimbra / collaboration 8.8.15-p18 8.8.15-p18.x
zimbra / collaboration 8.8.15-p19 8.8.15-p19.x
zimbra / collaboration 9.0.0-p10 9.0.0-p10.x
zimbra / collaboration 9.0.0-p11 9.0.0-p11.x
zimbra / collaboration 9.0.0-p12 9.0.0-p12.x
zimbra / collaboration 9.0.0-p13 9.0.0-p13.x
zimbra / collaboration 9.0.0-p14 9.0.0-p14.x
zimbra / collaboration 9.0.0-p15 9.0.0-p15.x
zimbra / collaboration 8.8.15-p20 8.8.15-p20.x
zimbra / collaboration 8.8.15-p21 8.8.15-p21.x
zimbra / collaboration 8.8.15-p22 8.8.15-p22.x