Zimbra 8.7.0 to 8.7.11 Patch 9 servers being exploited

Discuss your pilot or production implementation with other Zimbra admins or our engineers.
Post Reply
User avatar
rleiker
Advanced member
Advanced member
Posts: 149
Joined: Tue Jan 07, 2020 8:23 pm
Location: Kansas City
Contact:

Zimbra 8.7.0 to 8.7.11 Patch 9 servers being exploited

Post by rleiker »

Hi Everyone,

Zimbra was included in a news release yesterday from the NSA as one of the targets of a nation state campaign: https://www.nsa.gov/News-Features/Featu ... lnerabili/

In this campaign, the attackers are exploiting servers running Zimbra 8.7.0 to 8.7.11 Patch 10: https://nvd.nist.gov/vuln/detail/CVE-2019-9670 . The Zimbra 8.7.x series went end of life back on December 31, 2020 and has not received any security updates after this date, so there are many other vulnerabilities in this version that can be exploited.

If there are any older Zimbra 8.7.x servers that you manage, you should upgrade/patch to at least 8.7.11 P14 first, and consider that it is probable your server may already be compromised. Then, promptly start working on migrating to at least 8.8.15 P20, if not 9.0 P13.
Post Reply