Memory Exhaustion Vulnerability in kopano-ical and Zarafa

Memory Exhaustion Vulnerability in kopano-ical and Zarafa

CVE-2021-28994 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

kopano-ical (formerly zarafa-ical) in Kopano Groupware Core through 8.7.16, 9.x through 9.1.0, 10.x through 10.0.7, and 11.x through 11.0.1 and Zarafa 6.30.x through 7.2.x allows memory exhaustion via long HTTP headers.

Learn more about our Web Application Penetration Testing UK.