CVE-2023-41106: Zimbra Collaboration Suite Vulnerability Could Allow Unauthenticated Access

A critical security vulnerability has been discovered in the Zimbra Collaboration Suite that could allow an unauthenticated attacker to gain access to a Zimbra account.

The vulnerability, tracked as CVE-2023-41106, is a one-click vulnerability that can be exploited by sending a malicious link to a Zimbra user. When the user clicks on the link, they will be tricked into providing their Zimbra credentials, which the attacker can then use to access their account.

The CVE-2023-41106 vulnerability affects all versions of the Zimbra Collaboration Suite, including the latest version, Daffodil 10.0.3. The vulnerability has been fixed in the following patches:

• Daffodil 10.0.3
• 9.0.0 Kepler Patch 35
• 8.8.15 Joule Patch 42

If you are using an affected version of Zimbra Collaboration Suite, it is important to install the latest patch as soon as possible. You can find the patches on the Zimbra website.

In the meantime, there are a few manual mitigation steps that you can take to protect your account:

• Do not click on any links from untrusted sources.
• Be careful about what information you enter into forms on websites.
• Enable two-factor authentication for your Zimbra account.

Last month, Zimbra patched a zero-day vulnerability that was being exploited in XSS attacks. The vulnerability, tracked as CVE-2023-38750, is a reflected Cross-Site Scripting (XSS) flaw that could allow an attacker to inject malicious code into a Zimbra user’s browser.

The XSS vulnerability was discovered by security researcher Clément Lecigne of Google Threat Analysis Group. Zimbra released a patch for the vulnerability on July 15, 2023.

If you are using Zimbra Collaboration Suite, it is important to keep your software up to date to protect yourself from security vulnerabilities. You can download the latest patches from the Zimbra website.