CNNVD-202512-2652 Information
CNNVD ID
CNNVD-202512-2652
Related CVE
- CNNVD Published: 2025-12-15
Description (Chinese)
Zimbra Collaboration是Zimbra公司的一个开源企业级电子邮件与协作平台,支持邮件、日历、文档管理及团队协作功能。 Zimbra Collaboration 10.0版本和10.1版本存在安全漏洞,该漏洞源于Flickr Zimlet中硬编码API密钥,可能导致凭据泄露。
Description (English)
Zimbra Collaboration is an open-source enterprise e-mail and collaboration platform for Zimbra to support mail, calendar, document management and teamwork functions. There is a security loophole in Zimbra Collation, Version 10.0 and Version 10.1, which originates from the hard-coded API key in Flickr Zimlet, which may lead to the disclosure of evidence.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Zimbra
Published
2025-12-15
Last Modified
2026-02-24
References
https://wiki.zimbra.com/wiki/Security_Center https://wiki.zimbra.com/wiki/Zimbra_Responsible_Disclosure_Policy https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories https://access.redhat.com/security/cve/cve-2025-67809
Patch
https://wiki.zimbra.com/wiki/Security_Center
Share on: