A one-click security vulnerability in all versions of Zimbra Collaboration Suite has been discovered that could allow an unauthenticated attacker to gain access to a Zimbra account. To fix this vulnerability install the latest Zimbra patch (by using apt or yum), the vulnerability is fixed in: Daffodil 10.0.3 9.0.0 Kepler Patch 35 8.8.15 Joule Patch […]
Archive | Security & Privacy
Review your Zimbra configuration after updating to the latest patch
It has come to our attention that in some cases postconf settings are not retained when updating to the latest patch (9.0.0.P34, 8.8.15.P41, 10.0.2). Make sure to re-apply any customizations, including TLS cipher configurations you had previously configured using the postconf command. In addition, the latest patch also enabled OpenSSL in FIPS mode, more details […]
Patch for Zimbra Daffodil 10.0.2, 9.0.0 Patch-34 & 8.8.15 Patch-41
Security bug fixes and OpenSSL upgrade Zimbra OpenSSL now runs in FIPS-compliant mode by default. This increases security which requires no additional action on your part. However, should you run into issues, you can find steps to disable OpenSSL FIPS in the release notes. This patch upgrades OpenSSL to major version 3.0.x. To safeguard your […]
Security Update for Zimbra Collaboration Suite Version 8.8.15 CVE-2023-37580
An XSS vulnerability in Zimbra Collaboration Suite Version 8.8.15 that could potentially impact the confidentiality and integrity of your data has surfaced. We take this matter very seriously and have already taken immediate action to address the issue. Important: This vulnerability has been actively exploited, making it imperative to take immediate action. We strongly recommend […]
Sending incoming email with bad headers to Junk
Email is always evolving and recently Gmail has started to reject email with bad headers for some customers. Rejecting email with bad headers may help protect against DKIM replay attacks (more on replay attacks in an upcoming blog). When we are talking about messages with bad headers, we mean messages that are not compliant with […]
When your security scanner alerts for jspawnhelper in Zimbra
Many administrators rely on third-party security scanners such as Crowdstrike Falcon to analyze their Zimbra server for malicious activity. One process that is frequently reported is jspawnhelper. What is jspawnhelper? While this is not very well documented, jspawnhelper can be run as the result of a call to ProcessBuilder.start() or Runtime.exec() in a java application. […]