Critical Command Execution Flaw in Zimbra Under Active Exploitation
Red | Vulnerability Report
Download PDFCVE-2024-45519 is a critical vulnerability in the Zimbra Collaboration Suite that allows unauthenticated remote command execution due to an OS command injection flaw in the postjournal service. The vulnerability has been actively exploited, with attackers installing web shells and executing arbitrary commands. Exploitation risks include privilege escalation and full system compromise, making it crucial for organizations to apply patches immediately or disable the postjournal service if not needed.
What’s new on HivePro
Get through updates and upcoming events, and more directly in your inbox