=====================================================================

                             CERT-Renater

                   Note d'Information No. 2021/VULN064
_____________________________________________________________________

DATE                : 07/02/2022

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Systems running Zimbra versions prior to 8.8.15.

=====================================================================
https://blog.zimbra.com/2022/02/hotfix-available-5-feb-for-zero-day-exploit-vulnerability-in-zimbra-8-8-15/
_____________________________________________________________________


Hotfix Available 5 Feb for Zero-day Exploit Vulnerability in Zimbra
8.8.15
by John Eastman on February 4, 2022 in Product News, Community,
Security & Privacy


Hello Zimbra Friends, Customers & Partners,

A new Zero-day exploit has been identified that affects Zimbra 8.8.15.
Since learning of the reported vulnerability, Zimbra engineering has
verified the issue and produced a hotfix (for 8.8.15 p30). The hotfix
will be available to Zimbra customers through Zimbra Support. A
durable fix for the issue is undergoing testing and quality review
and will be made available as an update to 8.8.15p30. The updated
patch is scheduled for availability via our download site on
5 February 2022.

The issue only affects Zimbra 8.8.15 and prior versions. We recommend
that all Zimbra customers use the most recent release available to avoid
any issues.

Thanks,

Your Zimbra Team


=========================================================
+ CERT-RENATER        |    tel : 01-53-94-20-44         +
+ 23/25 Rue Daviel    |    fax : 01-53-94-20-41         +
+ 75013 Paris         |   email:cert@support.renater.fr +
=========================================================