CVE-2025-25065

SSRF vulnerability in the RSS feed parser in Zimbra Collaboration 9.0.0 before Patch 43, 10.0.x before 10.0.12, and 10.1.x before 10.1.4 allows unauthorized redirection to internal network endpoints.
Configurations

No configuration.

History

13 Mar 2025, 21:15

Type Values Removed Values Added
CWE CWE-918
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 5.3

18 Feb 2025, 19:15

Type Values Removed Values Added
CWE CWE-918
CVSS v2 : unknown
v3 : 5.3
v2 : unknown
v3 : unknown

04 Feb 2025, 16:15

Type Values Removed Values Added
Summary
  • (es) La vulnerabilidad SSRF en el analizador de fuentes RSS en Zimbra Collaboration 9.0.0 antes del parche 43, 10.0.x antes de 10.0.12 y 10.1.x antes de 10.1.4 permite la redirección no autorizada a la red interna endpoints.
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 5.3
CWE CWE-918

03 Feb 2025, 20:15

Type Values Removed Values Added
New CVE

Information

Published : 2025-02-03 20:15

Updated : 2025-03-13 21:15


NVD link : CVE-2025-25065

Mitre link : CVE-2025-25065

CVE.ORG link : CVE-2025-25065


JSON object : View

Products Affected

No product.

CWE
CWE-918

Server-Side Request Forgery (SSRF)