Identifying a vulnerability in Zimbra software


CVE, short for Common Vulnerabilities and Exposures, is a globally recognized system managed by the MITRE Corporation. It standardizes the identification and cataloging of publicly disclosed software vulnerabilities by assigning each one a unique identifier, so that the same flaw can be tracked and referenced consistently across vendors, scanners and databases. This shared catalog supports information sharing, collaboration and awareness of vulnerabilities, and helps defenders prioritize and track remediation across industries.

About the CVE

The CVE ID is CVE-2023-34193, and it was listed in Zimbra's security advisories.


Our team found a vulnerability in Zimbra software and worked with the vendor to get the CVE listed.

What We Found

We discovered a high-severity vulnerability: Remote Code Execution (RCE). An RCE vulnerability can give an attacker control over the compromised server, which makes it one of the most dangerous and critical classes of vulnerability.

Brief About What We Found

We found the Remote Code Execution vulnerability after logging in with an admin user: we navigated to Tools and Migration, then Client Upload, and uploaded a JSP shell. Because the upload feature is only reachable from the admin console, this is a post-authentication issue; it turns an admin account (or stolen admin credentials) into code execution on the underlying server.

Navigating to the URL

We then visited the URL of the uploaded file and observed the response: a listing of all files, confirming that the JSP had executed on the server. Because this is an arbitrary file upload rather than a memory-corruption bug, buffer overflow protections do not address it. The remediation is to validate and restrict uploaded file types (an allowlist of expected extensions and content types), store uploads outside any directory the servlet container executes, and, as defense in depth, deploy a WAF (Web Application Firewall), monitor the application, sanitize input, and enforce access control.
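The following is an added example written for this write-up, not Zimbra's code, showing the difference between an upload handler that trusts the client-supplied filename and writes into a served directory (the pattern a JSP shell upload exploits) and a hardened handler that applies the checks described above. The directory layout, the extension allowlist, the sample uploads and the function names are all assumptions chosen for illustration.

```python
"""Weak versus hardened handling of an administrative file upload.

Added example for this write-up; it is not Zimbra's code. The directory
names, the extension allowlist and the function names are assumptions
chosen to illustrate the class of check that stops a JSP shell from landing
where a servlet container will compile and execute it.
"""
import posixpath
import re
import secrets
from pathlib import PurePosixPath

# Hypothetical layout (assumption): everything under WEBAPPS_ROOT is served
# by the servlet container, which compiles any *.jsp it finds there.
WEBAPPS_ROOT = PurePosixPath("/opt/demo/webapps")
WEB_SERVED_DIR = WEBAPPS_ROOT / "upload"          # where the weak handler writes
DATA_DIR = PurePosixPath("/opt/demo/upload-data")  # outside any servlet context

# Extensions a client-upload / migration feature plausibly needs (assumption).
ALLOWED_EXTENSIONS = {".csv", ".txt", ".pst", ".zip", ".tgz"}
EXECUTABLE_SUFFIXES = {".jsp", ".jspx"}
JSP_MARKER = re.compile(rb"<%|<jsp:")

# Constructed sample uploads: (client-supplied filename, body).
SAMPLE_UPLOADS = [
    ("contacts.csv", b"name,email\nalice,alice@example.com\n"),
    ("notes.TXT", b"plain text"),
    # A minimal JSP that lists the working directory, like the shell in the text.
    ("shell.jsp", b'<% for (String f : new java.io.File(".").list()) out.println(f); %>'),
    ("mailbox.pst.jsp", b"<% %>"),                   # double extension
    ("../../webapps/zimbraAdmin/x.jsp", b"<% %>"),   # path traversal in the name
    ("report.csv", b'id,value\n<% out.println("x"); %>'),  # JSP markup, allowed extension
]


def weak_target(filename: str) -> PurePosixPath:
    """Weak handler: joins the client-supplied name under a served directory.
    Neither the extension nor '..' segments are checked."""
    return WEB_SERVED_DIR / filename


def would_execute(path: PurePosixPath) -> bool:
    """True if the lexically normalised path is a JSP inside the served tree."""
    resolved = PurePosixPath(posixpath.normpath(str(path)))
    return (resolved.suffix.lower() in EXECUTABLE_SUFFIXES
            and WEBAPPS_ROOT in resolved.parents)


def hardened_target(filename: str, body: bytes) -> PurePosixPath:
    """Hardened handler. Raises ValueError for anything outside the allowlist
    and otherwise returns a server-chosen path outside the servlet tree."""
    # 1. Discard any client-supplied directory component (also '\' separators).
    base = posixpath.basename(filename.replace("\\", "/"))
    if base in ("", ".", ".."):
        raise ValueError("empty or dot-only filename")
    # 2. Exactly one extension: 'mailbox.pst.jsp' is rejected outright because
    #    containers differ in which extension they honour.
    if base.count(".") != 1:
        raise ValueError(f"unexpected number of extensions in {base!r}")
    ext = PurePosixPath(base).suffix.lower()
    if ext not in ALLOWED_EXTENSIONS:
        raise ValueError(f"extension {ext!r} not in allowlist")
    # 3. Content check as defence in depth: JSP markup is never legitimate here.
    if JSP_MARKER.search(body):
        raise ValueError("JSP markup found in upload body")
    # 4. Server-chosen random name, written outside any directory the container
    #    executes; the original filename is kept only as metadata, not as a path.
    return DATA_DIR / f"{secrets.token_hex(16)}{ext}"


def evaluate(filename: str, body: bytes) -> dict:
    """Compare both handlers on one upload."""
    try:
        hardened_target(filename, body)
        accepted = True
    except ValueError:
        accepted = False
    return {
        "filename": filename,
        "weak_executes": would_execute(weak_target(filename)),
        "hardened_accepted": accepted,
    }


def evaluate_samples() -> dict:
    """Map each constructed filename to its evaluation."""
    return {name: evaluate(name, body) for name, body in SAMPLE_UPLOADS}


if __name__ == "__main__":
    for name, result in evaluate_samples().items():
        print(f"{name!r:40} weak_executes={result['weak_executes']!s:5} "
              f"hardened_accepted={result['hardened_accepted']}")
```

Run it as a script to see the weak handler place both `shell.jsp` and the traversal name inside the served tree, while the hardened handler rejects every sample except the two plain data files. The server-chosen random filename matters as much as the allowlist: if the client name is never used as a path, there is nothing for a traversal or double-extension trick to act on.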

We Helped Them Mitigate the Following Risk

Remote code execution

Remote Code Execution (RCE) is an attack in which an attacker runs commands of their choosing on a victim's system over the network, with no physical access and regardless of where the attacker is located. The attacker identifies a vulnerability, exploits it to gain a foothold, and then executes malicious code for objectives such as data theft, fund diversion, surveillance or service disruption.


Business Risks We Prevented

  • Initial Access
  • Information Disclosure
  • Information Theft
  • Cryptomining
  • Ransomware
