{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Zimbra Daffodil versions ant\u00e9rieures \u00e0 10.1.1","product":{"name":"Zimbra Collaboration","vendor":{"name":"Synacor","scada":false}}},{"description":"Zimbra Collaboration Kepler versions ant\u00e9rieures \u00e0 9.0.0 Patch 41","product":{"name":"Zimbra Collaboration","vendor":{"name":"Synacor","scada":false}}},{"description":"Zimbra Collaboration Joule versions ant\u00e9rieures \u00e0 8.8.15 Patch 46","product":{"name":"Zimbra Collaboration","vendor":{"name":"Synacor","scada":false}}},{"description":"Zimbra Collaboration Daffodil versions ant\u00e9rieures \u00e0 10.0.9","product":{"name":"Zimbra Collaboration","vendor":{"name":"Synacor","scada":false}}}],"affected_systems_content":"","content":"## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des correctifs (cf. section Documentation).","cves":[{"name":"CVE-2024-45194","url":"https://www.cve.org/CVERecord?id=CVE-2024-45194"},{"name":"CVE-2024-38356","url":"https://www.cve.org/CVERecord?id=CVE-2024-38356"},{"name":"CVE-2024-45513","url":"https://www.cve.org/CVERecord?id=CVE-2024-45513"},{"name":"CVE-2024-45511","url":"https://www.cve.org/CVERecord?id=CVE-2024-45511"},{"name":"CVE-2024-45514","url":"https://www.cve.org/CVERecord?id=CVE-2024-45514"},{"name":"CVE-2024-45512","url":"https://www.cve.org/CVERecord?id=CVE-2024-45512"},{"name":"CVE-2024-45516","url":"https://www.cve.org/CVERecord?id=CVE-2024-45516"},{"name":"CVE-2024-45519","url":"https://www.cve.org/CVERecord?id=CVE-2024-45519"},{"name":"CVE-2024-45515","url":"https://www.cve.org/CVERecord?id=CVE-2024-45515"},{"name":"CVE-2024-45518","url":"https://www.cve.org/CVERecord?id=CVE-2024-45518"},{"name":"CVE-2024-45510","url":"https://www.cve.org/CVERecord?id=CVE-2024-45510"},{"name":"CVE-2024-45517","url":"https://www.cve.org/CVERecord?id=CVE-2024-45517"}],"links":[],"reference":"CERTFR-2024-AVI-0742","revisions":[{"description":"Version initiale","revision_date":"2024-09-05T00:00:00.000000"}],"risks":[{"description":"Injection de code indirecte \u00e0 distance (XSS)"},{"description":"Ex\u00e9cution de code arbitraire"},{"description":"Contournement de la politique de s\u00e9curit\u00e9"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Synacor Zimbra Collaboration. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l'\u00e9diteur.","title":"Multiples vuln\u00e9rabilit\u00e9s dans Synacor Zimbra Collaboration","vendor_advisories":[{"published_at":"2024-09-04","title":"Bulletin de s\u00e9curit\u00e9 Synacor Zimbra Collaboration 8.8.15","url":"https://wiki.zimbra.com/wiki/Zimbra_Releases/8.8.15/P46"},{"published_at":"2024-09-04","title":"Bulletin de s\u00e9curit\u00e9 Synacor Zimbra Collaboration 10.0.9","url":"https://wiki.zimbra.com/wiki/Zimbra_Releases/10.0.9"},{"published_at":"2024-09-04","title":"Bulletin de s\u00e9curit\u00e9 Synacor Zimbra Collaboration 9.0.0","url":"https://wiki.zimbra.com/wiki/Zimbra_Releases/9.0.0/P41"},{"published_at":"2024-09-04","title":"Bulletin de s\u00e9curit\u00e9 Synacor Zimbra Collaboration 10.1.1","url":"https://wiki.zimbra.com/wiki/Zimbra_Releases/10.1.1"}]}