Zimbra not affected by log4j (CVE-2021-44228)
After intensive review and testing, Zimbra Development determined that the 0-day exploit vulnerability for log4j (CVE-2021-44228) does not affect the current Supported Zimbra versions (9.0.0 & 8.8.15). Zimbra Collaboration Server currently uses log4j1 version 1.2.16 which doesn't contain the lookup expression feature that is found within versions 2.0 to 2.17, which is the cause of the vulnerability. Also, Redhat (CVE-2021-4104) vulnerability does not affect the Zimbra Collaboration Server version (8.8.15 & 9.0.0). For this vulnerability to affect the server, it needs JMSAppender, which the ZCS Server does not use, and the ability to append configuration files.


Forum to discuss, report issues, or provide feedback about Zimbra Mobile Plus
Posts: 1
Joined: Mon Aug 10, 2020 1:49 pm


Postby John4458 » Mon Aug 10, 2020 1:52 pm

I post in this forum, even if it's not really "alive".

I converted an NE to OS, and installed Zimbra Suite Plus on it.
Now, when I send a reply from mobile, the email is not shown in the same thread as the original email, I checked the "thread-index" field and it's different.

With NE, I didn't have this problem.

Checked with a Samsung S6, the EAS version is 2.5 (default for samsung mobiles, in zsp console).


Posts: 3
Joined: Thu Apr 15, 2021 12:40 am

Re: index

Postby vdou » Thu Apr 15, 2021 12:50 am


How did you get mobile login to work? Are you using Exchange Active sync? I cannot get it to work on 8.8.15 it says cannot detect autodiscover.xml

Return to “Zimbra Mobile Plus”

Who is online

Users browsing this forum: No registered users and 2 guests