Description
Zimbra Collaboration (ZCS) 10.0 and 10.1 contains an LDAP injection vulnerability in the Mailbox SOAP service within a FolderAction operation. The application fails to properly sanitize user-supplied input before incorporating it into an LDAP search filter. An authenticated attacker can exploit this issue by sending a crafted SOAP request that manipulates the LDAP query, allowing retrieval of sensitive directory attributes.
Published: 2026-03-20
Score: 4.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Sensitive Attribute Disclosure
Action: Patch Immediately
AI Analysis

Impact

An LDAP injection flaw exists in the Mailbox SOAP service of Zimbra Collaboration Suite 10.0 and 10.1. The vulnerability allows an authenticated attacker to inject crafted LDAP search filters through a FolderAction SOAP request, enabling the retrieval of sensitive directory attributes. This can lead to confidentiality compromise, exposing user attributes such as email addresses and directory entries that should remain private.

Affected Systems

The flaw affects Zimbra Collaboration Suite 10.0 and 10.1. This includes the ZCS product received from Synacor. Versions prior to 10.0 and later releases beyond 10.1 are not listed as affected in the CNA data.

Risk and Exploitability

The CVSS base score of 4.3 indicates a moderate impact, while the EPSS score of less than 1% suggests a low likelihood of exploitation in the wild. The attack requires valid authentication, meaning attackers need compromised credentials or privileged access. The vulnerability is not currently listed in the CISA KEV catalog. Despite the limited exploitation window, the ability to expose sensitive directory information warrants prompt remediation.

Generated by OpenCVE AI on April 2, 2026 at 04:19 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the ZCS patch version 10.1.16 or higher from Zimbra’s Security Advisories
  • Verify the patch has been applied by confirming the new version number and testing the SOAP service
  • If the system cannot be upgraded immediately, restrict access to the SOAP service to authorized users only using firewall or ACLs
  • Monitor logs for anomalous SOAP requests that may indicate exploitation attempts
  • Keep the system updated with future security patches

Generated by OpenCVE AI on April 2, 2026 at 04:19 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Thu, 02 Apr 2026 20:30:00 +0000

Type Values Removed Values Added
Title LDAP Injection in Zimbra Collaboration Mailbox SOAP Service

Wed, 01 Apr 2026 23:45:00 +0000

Type Values Removed Values Added
First Time appeared Synacor
Synacor zimbra Collaboration Suite
CPEs cpe:2.3:a:synacor:zimbra_collaboration_suite:*:*:*:*:*:*:*:*
Vendors & Products Synacor
Synacor zimbra Collaboration Suite

Wed, 25 Mar 2026 14:15:00 +0000

Type Values Removed Values Added
Title LDAP Injection in Zimbra Collaboration Mailbox SOAP Service

Mon, 23 Mar 2026 14:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-20
Metrics cvssV3_1

{'score': 4.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Fri, 20 Mar 2026 16:30:00 +0000

Type Values Removed Values Added
First Time appeared Zimbra
Zimbra collaboration
Vendors & Products Zimbra
Zimbra collaboration

Fri, 20 Mar 2026 14:15:00 +0000

Type Values Removed Values Added
Description Zimbra Collaboration (ZCS) 10.0 and 10.1 contains an LDAP injection vulnerability in the Mailbox SOAP service within a FolderAction operation. The application fails to properly sanitize user-supplied input before incorporating it into an LDAP search filter. An authenticated attacker can exploit this issue by sending a crafted SOAP request that manipulates the LDAP query, allowing retrieval of sensitive directory attributes.
References

Subscriptions

Synacor Zimbra Collaboration Suite
Zimbra Collaboration
cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2026-03-23T13:36:25.874Z

Reserved: 2026-03-19T00:00:00.000Z

Link: CVE-2026-33369

cve-icon Vulnrichment

Updated: 2026-03-23T13:36:03.252Z

cve-icon NVD

Status : Analyzed

Published: 2026-03-20T14:16:16.017

Modified: 2026-04-01T15:36:59.913

Link: CVE-2026-33369

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-02T07:59:41Z

Weaknesses