Threat Intelligence
Proof of concept code has been released for CVE-2024-45519.
Systems Affected
- Zimbra Collaboration versions prior to 9.0.0 Patch 41
- Zimbra Collaboration versions prior to 10.0.9
- Zimbra Collaboration versions prior to 10.1.1
- Zimbra Collaboration versions prior to 8.8.15 Patch 46
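An added example (not part of the original advisory and not Zimbra's own tooling): a triage helper that compares Zimbra version strings against the fixed releases listed above. The input shape (a release number with an optional `_P<n>` patch marker, such as a line reported by `zmcontrol -v`), the per-branch reading of "prior to", and the sample inventory are assumptions.

```python
import re

# Fixed releases from the "Systems Affected" list, oldest branch first.
# (release, patch): patch None means the fix is the release number itself.
FIXED = [((8, 8, 15), 46), ((9, 0, 0), 41), ((10, 0, 9), None), ((10, 1, 1), None)]

def parse(text):
    """Return (release tuple, patch level) from a version string.

    Assumed shape: 'X.Y.Z' optionally followed by a patch marker such as
    '9.0.0_P41'. No marker is treated as patch level 0.
    """
    m = re.search(r"(\d+)\.(\d+)\.(\d+)", text)
    if not m:
        raise ValueError(f"no version found in {text!r}")
    patches = [int(p) for p in re.findall(r"_P(\d+)", text)]
    return tuple(int(x) for x in m.groups()), max(patches, default=0)

def status(text):
    """Classify a version string as 'affected', 'not-affected' or 'unknown'."""
    release, patch = parse(text)
    for fixed_release, fixed_patch in FIXED:
        if release[:2] != fixed_release[:2]:
            continue  # different major.minor branch
        if release != fixed_release:
            return "affected" if release < fixed_release else "not-affected"
        if fixed_patch is None or patch >= fixed_patch:
            return "not-affected"
        return "affected"
    if release < FIXED[0][0]:
        return "affected"      # older than every listed branch
    if release > FIXED[-1][0]:
        return "not-affected"  # assumption: later branches ship with the fix
    return "unknown"           # branch not covered by the advisory

# Constructed sample inventory (host names and version strings are made up).
INVENTORY = {
    "mail-a": "Release 8.8.15_GA_0000.UBUNTU18.64 FOSS edition, Patch 8.8.15_P45.",
    "mail-b": "9.0.0_P41",
    "mail-c": "10.0.8",
    "mail-d": "10.1.1",
}

def triage(inventory):
    """Return the sorted host names whose version is affected."""
    return sorted(h for h, v in inventory.items() if status(v) == "affected")

if __name__ == "__main__":
    for host, version in INVENTORY.items():
        print(f"{host}: {status(version)}")
```

Hosts that come back as "unknown" are on a branch the advisory does not list and need a manual check against Zimbra's release notes.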
Risk
Government:
- Large and medium government entities: Medium
- Small government entities: Medium
Businesses:
- Large and medium business entities: Medium
- Small business entities: Medium
Home Users: Low
Recommendations
- Apply appropriate updates provided by Zimbra to vulnerable systems immediately after appropriate testing.
- Apply the Principle of Least Privilege to all systems and services. Run all software as a non-privileged user (one without administrative privileges) to diminish the effects of a successful attack.
- Use vulnerability scanning to find potentially exploitable software vulnerabilities and remediate them.
- Architect sections of the network to isolate critical systems, functions, or resources. Use physical and logical segmentation to prevent access to potentially sensitive systems and information. Use a DMZ to contain any internet-facing services that should not be exposed from the internal network. Configure separate virtual private cloud (VPC) instances to isolate critical cloud systems.
- Use capabilities to detect and block conditions that may lead to or be indicative of a software exploit occurring.
Reporting
The NJCCIC encourages recipients who discover signs of malicious cyber activity to contact the NJCCIC via the cyber incident report form at www.cyber.nj.gov/report.
Please do not hesitate to contact the NJCCIC at njccic@cyber.nj.gov with any questions. Also, for more background on our recent cybersecurity efforts, please visit cyber.nj.gov.
