{ "affected": [ { "database_specific": { "unresolved_ranges": [ { "events": [ { "introduced": "0" }, { "last_affected": "8.8.15-p10" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "8.8.15-p12" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "8.8.15-p13" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "8.8.15-p14" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "8.8.15-p15" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "8.8.15-p16" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "8.8.15-p2" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "8.8.15-p4" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "8.8.15-p6" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "8.8.15-p7" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "8.8.15-p8" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "8.8.15-p9" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "9.0.0-p2" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "9.0.0-p3" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "9.0.0-p5" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "9.0.0-p6" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "9.0.0-p8" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "9.0.0-p9" } ] } ] }, "ranges": [ { "database_specific": { "versions": [ { "introduced": "0" }, { "fixed": "8.8.15" }, { "introduced": "0" }, { "last_affected": "8.8.15-NA" }, { "introduced": "0" }, { "last_affected": "8.8.15-p1" }, { "introduced": "0" }, { "last_affected": "8.8.15-p11" }, { "introduced": "0" }, { "last_affected": "8.8.15-p3" }, { "introduced": "0" }, { "last_affected": "8.8.15-p5" }, { "introduced": "0" }, { "last_affected": "9.0.0-NA" }, { "introduced": "0" }, { "last_affected": "9.0.0-p1" }, { "introduced": "0" }, { "last_affected": "9.0.0-p4" }, { "introduced": "0" }, { "last_affected": "9.0.0-p7" } ] }, "events": [ { "introduced": "0" }, { "fixed": "ac6081fa002b1511e926aba37740d2b6c20f3f43" }, { "introduced": "0" }, { "last_affected": "ac6081fa002b1511e926aba37740d2b6c20f3f43" }, { "introduced": "0" }, { "last_affected": "29eea219faf34718f0ef1cda7c3f02c89910c96c" }, { "introduced": "0" }, { "last_affected": "29eea219faf34718f0ef1cda7c3f02c89910c96c" }, { "introduced": "0" }, { "last_affected": "905970576d6fe337150f09c0ad7a0f53aa1a8f42" }, { "introduced": "0" }, { "last_affected": "0e40da921adb967639011de45841cef4c4601413" }, { "introduced": "0" }, { "last_affected": "b6cd8f69d2761c014d4a3807f0bdee0011386444" }, { "introduced": "0" }, { "last_affected": "5561a39cba0898c3bb5e188284d98f498d7a3c9a" }, { "introduced": "0" }, { "last_affected": "03d99a16095b73a73770fbb6131d10234cfc13fd" }, { "introduced": "0" }, { "last_affected": "bcb978ccc354d99d843725886083e321759b6765" } ], "repo": "https://github.com/zimbra/zm-build", "type": "GIT" } ] } ], "details": "In Zimbra Collaboration Suite Network Edition versions \u003c 9.0.0 P10 and 8.8.15 P17, there exists an XXE vulnerability in the saml consumer store extension, which is vulnerable to XXE attacks. This has been fixed in Zimbra Collaboration Suite Network edition 9.0.0 Patch 10 and 8.8.15 Patch 17.", "id": "CVE-2020-35123", "modified": "2026-04-01T23:09:27.856465135Z", "published": "2020-12-17T04:15:12.840Z", "references": [ { "type": "WEB", "url": "https://wiki.zimbra.com/wiki/Security_Center" }, { "type": "ADVISORY", "url": "https://wiki.zimbra.com/wiki/Zimbra_Releases/8.8.15/P17" }, { "type": "ADVISORY", "url": "https://wiki.zimbra.com/wiki/Zimbra_Releases/9.0.0/P10" }, { "type": "ADVISORY", "url": "https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories" } ], "severity": [ { "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "type": "CVSS_V3" } ] }