CVE-2020-7796 - PatchNow

📋 Vulnerability Details

Data Source: CIRCL

Confidence: HIGH

Exploitation Method: DIRECT_NETWORK

CVE Published: 2020-02-18

Added to CISA KEV: 2026-02-17 2191 DAYS BETWEEN CVE AND KEV

🎯 Recommendations:

CRITICAL: Check for indicators of compromise - this vulnerability is in CISA KEV indicating active exploitation in the wild. Review logs, check for unauthorized access, verify system integrity
Immediately upgrade to Zimbra 8.8.15 Patch 7 or later
If immediate patching is not possible, disable WebEx zimlet or JSP functionality as temporary mitigation
Monitor for unusual outbound network requests from Zimbra servers that could indicate SSRF exploitation
Review network logs for evidence of internal network scanning or unauthorized external requests
Patch priority: CRITICAL - deploy emergency patches immediately

🔍 Web Intelligence (Kagi · 2026-06-04)

CVE-2020-7796 is a Server-Side Request Forgery (SSRF) vulnerability affecting the Zimbra Collaboration Suite (ZCS) ^[2]?id=CVE-2020-7796?kagi_q=CVE-2020-7796+details.

Vulnerability Overview

Affected Product: Zimbra Collaboration Suite (ZCS) versions prior to 8.8.15 Patch 7 ^[2] ^[1].
Root Cause: The vulnerability exists when the WebEx zimlet is installed and the zimlet JSP is enabled, allowing an attacker to perform SSRF attacks ^[1]?id=CVE-2020-7796?kagi_q=CVE-2020-7796+details.

Attack Method and Requirements

Access Vector: The vulnerability is exploitable over the network (remote) ^[1].
Authentication: It does not require authentication to exploit ^[1].
Complexity: The attack complexity is rated as medium ^[1].

Impact

Successful exploitation allows an attacker to conduct SSRF, which can lead to unauthorized access to internal resources, information disclosure, or further attacks against the internal network infrastructure ^[1].

Exploitation and Mitigation

Active Exploitation: While the vulnerability is listed in CISA's Known Exploited Vulnerabilities (KEV) Catalog, specific details regarding current threat actor campaigns or ransomware usage are not explicitly detailed in public records ^[3].
PoC Availability: Automated detection templates, such as those for the Nuclei vulnerability scanner, are publicly available to identify vulnerable instances ^[2].
Mitigation: The primary mitigation is to update the Zimbra Collaboration Suite to version 8.8.15 Patch 7 or later ^[2] ^[1].

Sources

CVE-2020-7796 - Vulnerability Details - OpenCVE
Zimbra Collaboration Suite (ZCS) before 8.8.15 Patch 7 allows SSRF when WebEx zimlet is installed and zimlet JSP is enabled. ... "}, {"lang": "es", "value": "Zimbra Collaboration Suite (ZCS) versiones anteriores a 8.8.15 Patch 7, permite un ataque de tipo SSRF cuando WebEx zimlet es instalado y ziml…
CVE-2020-7796.yaml - projectdiscovery/nuclei-templates - GitHub
Zimbra Collaboration Suite (ZCS) before 8.8.15 Patch 7 is susceptible to server-side request forgery when WebEx zimlet is installed and zimlet JSP is enabled.
CVE-2020-7796 Detail - NVD
This CVE is in CISA's Known Exploited Vulnerabilities Catalog. Reference CISA's BOD 22-01 and Known Exploited Vulnerabilities Catalog for further guidance and ... An official website of the United States government NVD MENU ... ... CVE-2020-7796 Detail ... https://www.cisa.gov/known-exploited-vuln…

🔴 CVE-2020-7796