Faculty of Cybersecurity Technology

Zimbra Issues Urgent Patch for Critical SSRF Vulnerability


A critical Server-Side Request Forgery (SSRF) vulnerability in Zimbra Collaboration Suite has prompted urgent security updates. The flaw, located in the chat proxy configuration module, could let attackers exploit improperly validated URLs to access internal systems or sensitive user data. Affecting versions 10.1.5 through 10.1.11, the issue allows crafted requests to route through Zimbra’s internal network, potentially exposing configuration files, tokens, or credentials. While deployment risk is considered low, the severity remains high due to possible privilege abuse and data exposure. Zimbra has released version 10.1.12 to patch the flaw and improve performance stability. Administrators are advised to install the update immediately, review the 10.1.12 Release Notes, and monitor access logs for suspicious internal traffic. Timely patching and configuration hardening are essential to safeguard enterprise collaboration systems from SSRF exploitation and related threats.

18-10-2025