CVE-2018-15131

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2018-15131
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-15131.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2018-15131
Published
2019-05-30T16:29:00.980Z
Modified
2026-03-12T22:46:18.180496Z
Severity
  • 5.3 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVSS Calculator
Summary
[none]
Details

An issue was discovered in Synacor Zimbra Collaboration Suite 8.6.x before 8.6.0 Patch 11, 8.7.x before 8.7.11 Patch 6, 8.8.x before 8.8.8 Patch 9, and 8.8.9 before 8.8.9 Patch 3. Account number enumeration is possible via inconsistent responses for specific types of authentication requests.

References

Affected packages

Git / github.com/zimbra/zm-build

Affected ranges

Type
GIT
Repo
https://github.com/zimbra/zm-build
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
6c3c77b328a0d7d3bafecb79d202960217922ef0
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
99ed312c10c45aa80e08be0c0ecbce46a53a4ace
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
d077c8d575b8d2ea5ef93331958237b22e42e6f7
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
2705a9ca4782dcc4bea5f7d3653c2bf93f8582bb
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
0867fcb7263fa9a1130b192d8c8538b05db4eee6
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
4a8e4bee73cd2c8e5804788ef5212d0d180f5846
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
a12f6b5f02776dff1d0554a7998ae6c6ee0dd820
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
5401294d39c5d8512e7d24bd2d10ebac76e2b04c
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
5401294d39c5d8512e7d24bd2d10ebac76e2b04c
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
5401294d39c5d8512e7d24bd2d10ebac76e2b04c
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
5401294d39c5d8512e7d24bd2d10ebac76e2b04c
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
5000d7ff7c8650dbfff91678647fabc2bbf0e64b
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
5000d7ff7c8650dbfff91678647fabc2bbf0e64b
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "8.7.11-NA"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "8.7.11-p1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "8.7.11-p2"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "8.7.11-p3"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "8.7.11-p4"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "8.7.11-p5"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "8.8.8-NA"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "8.8.8-p1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "8.8.8-p3"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "8.8.8-p4"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "8.8.8-p7"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "8.8.9-NA"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "8.8.9-p1"
        }
    ]
}
Type
GIT
Repo
https://github.com/zimbra/zm-mailbox
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
e32cd3fb01fec6460318a5fceb1e00da6f4b884e
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
d3c6ef3616ff8d06555806b60d3a4aa5a3ab6d92
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "8.8.8-p6"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "8.8.9-p2"
        }
    ]
}

Affected versions

8.*
8.7.10
8.7.11
8.7.6
8.7.7
8.7.9
8.8.0.beta1
8.8.2
8.8.3
8.8.4
8.8.5
8.8.6
8.8.7
8.8.8
8.8.8.p1
8.8.8.p3
8.8.8.p4
8.8.8.p6
8.8.9
8.8.9.p1
8.8.9.p2

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-15131.json"
unresolved_ranges 
[
    {
        "events": [
            {
                "introduced": "8.7.0"
            },
            {
                "fixed": "8.7.11"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "8.8.0"
            },
            {
                "fixed": "8.8.8"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "8.6.0-NA"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "8.6.0-p1"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "8.6.0-p10"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "8.6.0-p2"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "8.6.0-p3"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "8.6.0-p4"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "8.6.0-p5"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "8.6.0-p6"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "8.6.0-p8"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "8.6.0-p9"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "8.8.8-p2"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "8.8.8-p5"
            }
        ]
    }
]