CVE-2013-7091 Scanner

Zimbra is an enterprise-level email and collaboration solution designed for organizations of various sizes. This platform provides email, contacts, calendar, and task management features through a web-based interface. It is a popular software due to its ease of use, features, and how it integrates with other business software. Zimbra can be integrated with Microsoft Exchange and other popular email providers.

CVE-2013-7091 is a directory traversal vulnerability in the /res/I18nMsg directory of Zimbra. It allows remote attackers to read arbitrary files using ".." in the skin parameter. This vulnerability was detected on Zimbra 7.2.2 and 8.0.2 versions. An attacker can exploit this vulnerability by obtaining data from LDAP credentials and accessing the service/admin/soap API.

Exploiting CVE-2013-7091 can have significant consequences for an organization. An attacker can use this vulnerability to obtain sensitive information such as usernames, passwords, and other confidential data. With access to the service/admin/soap API, an attacker can execute arbitrary code and harm the organization's systems and data.

With the pro features of securityforeveryone.com, individuals and organizations can easily learn about vulnerabilities in their digital assets. The platform provides a comprehensive vulnerability assessment that identifies potential security gaps before they are exploited. With this tool, users can stay ahead of potential attackers, protect their digital assets, and ensure the security of their organization's data.

REFERENCES

• http://packetstormsecurity.com/files/124321
• http://www.exploit-db.com/exploits/30085
• http://www.exploit-db.com/exploits/30472
• http://www.securityfocus.com/bid/64149
• https://exchange.xforce.ibmcloud.com/vulnerabilities/89527