⚠️ CISA Known Exploited Vulnerability
Active ThreatThis vulnerability is listed in CISA's Known Exploited Vulnerabilities (KEV) catalog. Active exploitation has been observed in the wild. This poses significant risk to federal enterprises and should be prioritized for immediate patching.
CVE-2024-45519
Critical CISA KEV
Low
Medium
High
Critical
10.0
CVSS Score
Published: Oct 02, 2024
Last Modified: Nov 04, 2025
Vulnerability Description
The postjournal service in Zimbra Collaboration (ZCS) before 8.8.15 Patch 46, 9 before 9.0.0 Patch 41, 10 before 10.0.9, and 10.1 before 10.1.1 sometimes allows unauthenticated users to execute commands.
CVSS Metrics
Common Vulnerability Scoring System
Vector String:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Attack Vector
N
Attack Complexity
L
Privileges Required
N
User Interaction
N
Scope
C
Confidentiality
H
Integrity
H
Availability
H
Known Affected Software
67 configuration(s) from 1 vendor(s)
zimbra_collaboration_suite
Version:
10.0.4
CPE:
cpe:2.3:a:synacor:zimbra_collaboration_suite:10.0.4:*:*:*:*:*:*:*
zimbra_collaboration_suite
Version:
6.0.1
CPE:
cpe:2.3:a:synacor:zimbra_collaboration_suite:6.0.1:*:*:*:*:*:*:*
zimbra_collaboration_suite
Version:
8.7.11
CPE:
cpe:2.3:a:synacor:zimbra_collaboration_suite:8.7.11:p1:*:*:*:*:*:*
zimbra_collaboration_suite
Version:
6.0.3
CPE:
cpe:2.3:a:synacor:zimbra_collaboration_suite:6.0.3:*:*:*:*:*:*:*
zimbra_collaboration_suite
Version:
8.8.8
CPE:
cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.8:p1:*:*:*:*:*:*
zimbra_collaboration_suite
Version:
8.0.0
CPE:
cpe:2.3:a:synacor:zimbra_collaboration_suite:8.0.0:*:*:*:*:*:*:*
zimbra_collaboration_suite
Version:
10.0.8
CPE:
cpe:2.3:a:synacor:zimbra_collaboration_suite:10.0.8:*:*:*:*:*:*:*
zimbra_collaboration_suite
Version:
10.0.5
CPE:
cpe:2.3:a:synacor:zimbra_collaboration_suite:10.0.5:*:*:*:*:*:*:*
zimbra_collaboration_suite
Version:
8.0.3
CPE:
cpe:2.3:a:synacor:zimbra_collaboration_suite:8.0.3:*:*:*:*:*:*:*
zimbra_collaboration_suite
Version:
8.8.3
CPE:
cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.3:*:*:*:*:*:*:*
zimbra_collaboration_suite
Version:
8.8.5
CPE:
cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.5:*:*:*:*:*:*:*
zimbra_collaboration_suite
Version:
8.7.6
CPE:
cpe:2.3:a:synacor:zimbra_collaboration_suite:8.7.6:*:*:*:*:*:*:*
zimbra_collaboration_suite
Version:
8.0.7
CPE:
cpe:2.3:a:synacor:zimbra_collaboration_suite:8.0.7:*:*:*:*:*:*:*
zimbra_collaboration_suite
Version:
10.0.6
CPE:
cpe:2.3:a:synacor:zimbra_collaboration_suite:10.0.6:*:*:*:*:*:*:*
zimbra_collaboration_suite
Version:
6.0.2
CPE:
cpe:2.3:a:synacor:zimbra_collaboration_suite:6.0.2:*:*:*:*:*:*:*
zimbra_collaboration_suite
Version:
6.0.5
CPE:
cpe:2.3:a:synacor:zimbra_collaboration_suite:6.0.5:*:*:*:*:*:*:*
zimbra_collaboration_suite
Version:
8.8.1
CPE:
cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.1:*:*:*:*:*:*:*
zimbra_collaboration_suite
Version:
6.0.4
CPE:
cpe:2.3:a:synacor:zimbra_collaboration_suite:6.0.4:*:*:*:*:*:*:*
zimbra_collaboration_suite
Version:
6.0.12
CPE:
cpe:2.3:a:synacor:zimbra_collaboration_suite:6.0.12:*:*:*:*:*:*:*
zimbra_collaboration_suite
Version:
8.0.8
CPE:
cpe:2.3:a:synacor:zimbra_collaboration_suite:8.0.8:*:*:*:*:*:*:*
zimbra_collaboration_suite
Version:
8.6.0
CPE:
cpe:2.3:a:synacor:zimbra_collaboration_suite:8.6.0:patch11:*:*:*:*:*:*
zimbra_collaboration_suite
Version:
8.8.10
CPE:
cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.10:patch1:*:*:*:*:*:*
zimbra_collaboration_suite
Version:
8.7.5
CPE:
cpe:2.3:a:synacor:zimbra_collaboration_suite:8.7.5:*:*:*:*:*:*:*
zimbra_collaboration_suite
Version:
8.7.4
CPE:
cpe:2.3:a:synacor:zimbra_collaboration_suite:8.7.4:*:*:*:*:*:*:*
zimbra_collaboration_suite
Version:
10.0.7
CPE:
cpe:2.3:a:synacor:zimbra_collaboration_suite:10.0.7:*:*:*:*:*:*:*
zimbra_collaboration_suite
Version:
8.7.10
CPE:
cpe:2.3:a:synacor:zimbra_collaboration_suite:8.7.10:*:*:*:*:*:*:*
zimbra_collaboration_suite
Version:
8.8.7
CPE:
cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.7:*:*:*:*:*:*:*
zimbra_collaboration_suite
Version:
6.0.7
CPE:
cpe:2.3:a:synacor:zimbra_collaboration_suite:6.0.7:*:*:*:*:*:*:*
zimbra_collaboration_suite
Version:
6.0.0
CPE:
cpe:2.3:a:synacor:zimbra_collaboration_suite:6.0.0:*:*:*:*:*:*:*
zimbra_collaboration_suite
Version:
8.7.1
CPE:
cpe:2.3:a:synacor:zimbra_collaboration_suite:8.7.1:*:*:*:*:*:*:*
zimbra_collaboration_suite
Version:
8.5.0
CPE:
cpe:2.3:a:synacor:zimbra_collaboration_suite:8.5.0:*:*:*:*:*:*:*
zimbra_collaboration_suite
Version:
10.0.0
CPE:
cpe:2.3:a:synacor:zimbra_collaboration_suite:10.0.0:*:*:*:*:*:*:*
zimbra_collaboration_suite
Version:
8.0.9
CPE:
cpe:2.3:a:synacor:zimbra_collaboration_suite:8.0.9:*:*:*:*:*:*:*
zimbra_collaboration_suite
Version:
8.0.1
CPE:
cpe:2.3:a:synacor:zimbra_collaboration_suite:8.0.1:*:*:*:*:*:*:*
zimbra_collaboration_suite
Version:
10.0.1
CPE:
cpe:2.3:a:synacor:zimbra_collaboration_suite:10.0.1:*:*:*:*:*:*:*
zimbra_collaboration_suite
Version:
8.8.4
CPE:
cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.4:*:*:*:*:*:*:*
zimbra_collaboration_suite
Version:
6.0.15
CPE:
cpe:2.3:a:synacor:zimbra_collaboration_suite:6.0.15:*:*:*:*:*:*:*
zimbra_collaboration_suite
Version:
6.0.10
CPE:
cpe:2.3:a:synacor:zimbra_collaboration_suite:6.0.10:*:*:*:*:*:*:*
zimbra_collaboration_suite
Version:
8.8.0
CPE:
cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.0:-:*:*:*:*:*:*
zimbra_collaboration_suite
Version:
8.0.2
CPE:
cpe:2.3:a:synacor:zimbra_collaboration_suite:8.0.2:*:*:*:*:*:*:*
zimbra_collaboration_suite
Version:
9.0.0
CPE:
cpe:2.3:a:synacor:zimbra_collaboration_suite:9.0.0:p4:*:*:*:*:*:*
zimbra_collaboration_suite
Version:
8.0.4
CPE:
cpe:2.3:a:synacor:zimbra_collaboration_suite:8.0.4:*:*:*:*:*:*:*
zimbra_collaboration_suite
Version:
8.8.15
CPE:
cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.15:p12:*:*:*:*:*:*
zimbra_collaboration_suite
Version:
6.0.13
CPE:
cpe:2.3:a:synacor:zimbra_collaboration_suite:6.0.13:*:*:*:*:*:*:*
zimbra_collaboration_suite
Version:
8.7.7
CPE:
cpe:2.3:a:synacor:zimbra_collaboration_suite:8.7.7:*:*:*:*:*:*:*
zimbra_collaboration_suite
Version:
10.0.2
CPE:
cpe:2.3:a:synacor:zimbra_collaboration_suite:10.0.2:*:*:*:*:*:*:*
zimbra_collaboration_suite
Version:
8.8.11
CPE:
cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.11:patch1:*:*:*:*:*:*
zimbra_collaboration_suite
Version:
10.1.0
CPE:
cpe:2.3:a:synacor:zimbra_collaboration_suite:10.1.0:*:*:*:*:*:*:*
zimbra_collaboration_suite
Version:
8.7.9
CPE:
cpe:2.3:a:synacor:zimbra_collaboration_suite:8.7.9:*:*:*:*:*:*:*
zimbra_collaboration_suite
Version:
10.0.3
CPE:
cpe:2.3:a:synacor:zimbra_collaboration_suite:10.0.3:*:*:*:*:*:*:*
zimbra_collaboration_suite
Version:
8.8.12
CPE:
cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.12:-:*:*:*:*:*:*
zimbra_collaboration_suite
Version:
6.0.16
CPE:
cpe:2.3:a:synacor:zimbra_collaboration_suite:6.0.16:*:*:*:*:*:*:*
zimbra_collaboration_suite
Version:
8.5.1
CPE:
cpe:2.3:a:synacor:zimbra_collaboration_suite:8.5.1:*:*:*:*:*:*:*
zimbra_collaboration_suite
Version:
8.0.6
CPE:
cpe:2.3:a:synacor:zimbra_collaboration_suite:8.0.6:*:*:*:*:*:*:*
zimbra_collaboration_suite
Version:
7.2.7
CPE:
cpe:2.3:a:synacor:zimbra_collaboration_suite:7.2.7:*:*:*:*:*:*:*
zimbra_collaboration_suite
Version:
6.0.9
CPE:
cpe:2.3:a:synacor:zimbra_collaboration_suite:6.0.9:*:*:*:*:*:*:*
zimbra_collaboration_suite
Version:
8.7.3
CPE:
cpe:2.3:a:synacor:zimbra_collaboration_suite:8.7.3:*:*:*:*:*:*:*
zimbra_collaboration_suite
Version:
8.7.2
CPE:
cpe:2.3:a:synacor:zimbra_collaboration_suite:8.7.2:*:*:*:*:*:*:*
zimbra_collaboration_suite
Version:
8.8.2
CPE:
cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.2:*:*:*:*:*:*:*
zimbra_collaboration_suite
Version:
6.0.6
CPE:
cpe:2.3:a:synacor:zimbra_collaboration_suite:6.0.6:*:*:*:*:*:*:*
zimbra_collaboration_suite
Version:
6.0.14
CPE:
cpe:2.3:a:synacor:zimbra_collaboration_suite:6.0.14:*:*:*:*:*:*:*
zimbra_collaboration_suite
Version:
8.8.6
CPE:
cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.6:p1:*:*:*:*:*:*
zimbra_collaboration_suite
Version:
8.8.9
CPE:
cpe:2.3:a:synacor:zimbra_collaboration_suite:8.8.9:patch9:*:*:*:*:*:*
zimbra_collaboration_suite
Version:
8.7.0
CPE:
cpe:2.3:a:synacor:zimbra_collaboration_suite:8.7.0:*:*:*:*:*:*:*
zimbra_collaboration_suite
Version:
8.0.5
CPE:
cpe:2.3:a:synacor:zimbra_collaboration_suite:8.0.5:*:*:*:*:*:*:*
zimbra_collaboration_suite
Version:
6.0.8
CPE:
cpe:2.3:a:synacor:zimbra_collaboration_suite:6.0.8:*:*:*:*:*:*:*
zimbra_collaboration_suite
Version:
8.7.8
CPE:
cpe:2.3:a:synacor:zimbra_collaboration_suite:8.7.8:*:*:*:*:*:*:*
This vulnerability affects 67 software configuration(s). Ensure you patch all affected systems.
References & Resources
-
https://wiki.zimbra.com/wiki/Security_Centercve@mitre.org Release Notes
-
https://wiki.zimbra.com/wiki/Zimbra_Releases/10.0.9#Security_Fixescve@mitre.org Release Notes
-
https://wiki.zimbra.com/wiki/Zimbra_Releases/10.1.1#Security_Fixescve@mitre.org Release Notes
-
https://wiki.zimbra.com/wiki/Zimbra_Releases/8.8.15/P46#Security_Fixescve@mitre.org Release Notes
-
https://wiki.zimbra.com/wiki/Zimbra_Releases/9.0.0/P41#Security_Fixescve@mitre.org Release Notes
-
https://wiki.zimbra.com/wiki/Zimbra_Responsible_Disclosure_Policycve@mitre.org Not Applicable
-
https://blog.projectdiscovery.io/zimbra-remote-code-execution/134c704f-9b21-4f2e-91b3-4a467353bcc0 Exploit
-
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-45519134c704f-9b21-4f2e-91b3-4a467353bcc0 US Government Resource
Severity Details
10.0
out of 10.0
Critical
CISA KEV Status
Active Exploitation
Listed in CISA's Known Exploited Vulnerabilities catalog
Key Information
- Published Date
- October 02, 2024
