SERVER-WEBAPP -- Snort has detected traffic exploiting vulnerabilities in web based applications on servers.
SERVER-WEBAPP Zimbra SSRF privilege escalation attempt
This event is generated when an attempt is made to elevate privileges within Zimbra to a global administrator. Impact: Attempted Administrator Privilege Gain Details: To gain global administrator privileges, normally a call is made to port 7071 of the Zimbra server to gain an administrator token. Due to a coding deficiency within the proxy module, a remote user may craft a request to the proxy service to exploit a SSRF to this port which is typically only accessible on the local network. Ease of Attack: Medium
No information provided
No public information
No known false positives
Cisco Talos Intelligence Group
No rule groups
CVE-2019-9621 |
Loading description
|