Zimbra 8.7-8.7.11 Patch 10 Vulnerability — NSA | CSS Cybersecurity Advisory

Dear Zimbra Customer, Partners & Friends,
Zimbra was listed in the April 15, 2021 NSA|CSS cybersecurity advisory related to CVE-2019-9670. The vulnerability is limited to versions 8.7 – 8.7.11 Patch 10, which are end-of-life. All versions before and after are not affected. Any production system running these versions should be upgraded to 8.7.11 Patch 11 or higher and should be considered potentially compromised. We recommend migrating these systems to a supported version as soon as possible, and if you need guidance, please open a Zimbra Support case.
Your Zimbra Team
Comments are closed.

Copyright © 2022 Zimbra, Inc. All rights reserved.

All information contained in this blog is intended for informational purposes only. Synacor, Inc. is not responsible or liable in any manner for the use or misuse of any technical content provided herein. No specific or implied warranty is provided in association with the information or application of the information provided herein, including, but not limited to, use, misuse or distribution of such information by any user. The user assumes any and all risk pertaining to the use or distribution in any form of any subject matter contained in this blog.

Legal Information | Privacy Policy | Do Not Sell My Personal Information | CCPA Disclosures