Medium severity5.3OSV Advisory· Published May 10, 2018· Updated Jun 17, 2026
CVE-2018-10949
CVE-2018-10949
Description
mailboxd in Zimbra Collaboration Suite 8.8 before 8.8.8; 8.7 before 8.7.11.Patch3; and 8.6 allows Account Enumeration by leveraging a Discrepancy between the "HTTP 404 - account is not active" and "HTTP 401 - must authenticate" errors.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <8.8.8 || <8.7.11.Patch3 || 8.6
Patches
Vulnerability mechanics
References
1- bugzilla.zimbra.com/show_bug.cginvdIssue TrackingThird Party Advisory
News mentions
0No linked articles in our index yet.