GCVE - cpe:2.3:a:zimbra:zimbra_collaboration

Approved changes feed: RSS · Atom

cpe:2.3:a:zimbra:zimbra_collaboration_suite:8.6.0:p6:*:*:*:*:*:*

part: a version: 8.6.0 update: p6

Vendor	Zimbra (`2c2042e1-5f4a-5590-841f-bd7953d2bb5f`)
Product	Zimbra Collaboration Suite (`4a7b044c-25a8-5355-8c2f-e483f422753f`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from purl2cpe mapping

PURL mappings

PURL	Source	Last updated
`pkg:github/zimbra/zm-build`	purl2cpe	2026-06-01 10:12:36.259554

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2015-7610`	vulnerable	2026-06-08 05:07:01.537790	Details available Cross-site request forgery (CSRF) vulnerability in the login form in Zimbra Collaboration Suite (aka ZCS) before 8.6.0 Patch 10, 8.7.x before 8.7.11 Patch 2, and 8.8.x before 8.8.8 Patch 1 allows remote attackers to hijack the authentication of unspecified victims by leveraging failure to use a CSRF token. Published: 2018-05-30T21:00:00.000Z Updated: 2024-08-06T07:51:28.630Z Open on db.gcve.eu Reference links https://blog.zimbra.com/2018/04/new-patches-for-you-zimbra-8-8-8-turing-patch-1-zimbra-8-7-11-patch-2/ https://wiki.zimbra.com/wiki/Zimbra_Releases/8.8.8/P1 https://wiki.zimbra.com/wiki/Zimbra_Releases/8.7.11/P2 https://wiki.zimbra.com/wiki/Security_Center https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories	Imported from gcve-enriched-dumps CVE data

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.