InfoSecBulletin Cybersecurity for mankind
Zimbra Collaboration revealed three new security vulnerabilities identified as CVE-2024-33533, CVE-2024-33535, and CVE-2024-33536, affecting versions 9.0 and 10.0, which could put users at risk of cross-site scripting and local file inclusion attacks.
Technical Breakdown of the Vulnerabilities:
B1ack’s Stash Releases 1 Million Credit Cards on a Deep Web Forum
Cisco Confirms
Salt Typhoon Exploited CVE-2018-0171 to Target U.S. Telecom Networks
AWS Key Hunter
Test this free automated tool to hunt for exposed AWS secrets
Check Point Flaw Used to Deploy ShadowPad and Ransomware
CVE-2024-12284
Citrix Issues Security Update for NetScaler Console
CISA and FBI ALERT
Ghost ransomware to breach organizations in 70 countries
Hacker chains multiple vulns to attack Palo Alto Firewall
150 Gov.t Portal affected
Black-Hat SEO Poisoning Indian “.gov.in, .ac.in” domain
CVE-2018-19410 Exposes 600 PRTG Instances in Bangladesh
Builder claims Rs 150 cr for data loss; AWS faces FIR In Bengaluru
CVE-2024-33533: The Zimbra webmail admin interface has a vulnerability. It doesn’t properly validate the ‘packages’ parameter. An attacker who is authenticated could exploit this vulnerability to inject and run harmful JavaScript code in another user’s browser session.
CVE-2024-33535: There is a flaw in a web application that allows unauthenticated local file inclusion. This flaw is related to how the ‘packages’ parameter is handled. An attacker can use this vulnerability to include any local file without authentication. This could give them unauthorized access to sensitive information in a specific directory.
CVE-2024-33536: This vulnerability allows an attacker to execute arbitrary JavaScript code in another user’s browser session. It occurs due to insufficient input validation of the ‘res’ parameter, similar to CVE-2024-33533.
Immediate Action Required:
Zimbra Collaboration users are strongly advised to promptly install the latest security patches due to the severity of new vulnerabilities. Failure to do so could lead to data breaches, compromised systems, and major operational issues.
Security experts stress the importance of promptly applying patches once they are released. They advise organizations using Zimbra Collaboration Suite to review their security policies and practices to reduce potential risks.
Organizations using Zimbra Collaboration Suite should stay alert and proactive by applying security updates and monitoring for any suspicious activity. To prevent cross-site scripting threats, it’s important to use strong input validation and output encoding practices.
