Cve20207796 Zimbra Collaboration Suite Full Repack -

The critical oversight: The servlet endpoint that allows proxying to (like the mailboxd admin port on localhost) did not enforce authentication. Even worse, certain endpoints of the servlet allowed execution of system commands via the Command or Extension functionality.

She decides to test on a staging clone.

Upgrade to Zimbra Collaboration Suite 8.8.15 Patch 7 or higher. Alternative Mitigations: cve20207796 zimbra collaboration suite full

Potentially facilitate the delivery of malware like the Dogkild worm. Widespread Exploitation: The critical oversight: The servlet endpoint that allows