GCVE - cpe:2.3:a:zimbra:collaboration_server:8.6.0:p11:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:zimbra:collaboration_server:8.6.0:p11:*:*:*:*:*:*

part: a version: 8.6.0 update: p11

Vendor	Zimbra (`2c2042e1-5f4a-5590-841f-bd7953d2bb5f`)
Product	Collaboration Server (`4208f23b-281c-5d03-a238-e9a6ad7b36fe`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
`pkg:github/zimbra/zm-build`	purl2cpe	2026-06-01 10:12:36.138624
`pkg:sourceforge/zimbra`	purl2cpe	2026-06-01 10:12:36.138625

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2019-9621`	vulnerable	2026-06-08 05:14:25.816161	Details available Zimbra Collaboration Suite before 8.6 patch 13, 8.7.x before 8.7.11 patch 10, and 8.8.x before 8.8.10 patch 7 or 8.8.x before 8.8.11 patch 3 allows SSRF via the ProxyServlet component. Published: 2019-04-30T17:40:53.000Z Updated: 2025-10-21T23:45:38.514Z Open on db.gcve.eu Reference links https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories https://wiki.zimbra.com/wiki/Security_Center https://bugzilla.zimbra.com/show_bug.cgi?id=109127 http://www.rapid7.com/db/modules/exploit/linux/http/zimbra_xxe_rce http://packetstormsecurity.com/files/152487/Zimbra-Collaboration-Autodiscover-Servlet-XXE-ProxyServlet-SSRF.html	Imported from gcve-enriched-dumps CVE data

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.