CVE-2019-9670 — Synacor Zimbra Collaboration Suite (ZCS) Improper Restriction of XML External Entity Reference
2022-01-10 • CISA Known Exploited Vulnerability
[event] Synacor Zimbra Collaboration Suite (ZCS) contains an improper restriction of XML external entity (XXE) vulnerability in the mailboxd component.
> AFFECTED SOFTWARE
| Field | Value |
|---|---|
| Vendor | Synacor |
| Product | Zimbra Collaboration Suite (ZCS) |
| CWE | CWE-611 |
| CVE ID | CVE-2019-9670 |
| Date Added | 2022-01-10 |
| Due Date | 2022-07-10 |
| Ransomware Campaign | Unknown |
> MITIGATION
Apply updates per vendor instructions.
Due Date: 2022-07-10