The flaw is active when the WebEx zimlet is installed and its associated JSP (Jakarta Server Pages) functionality is enabled.
Zimbra Collaboration Suite (ZCS) versions before 8.8.15 Patch 7 CVSS 3.x Score: 9.8 (Critical) Attack Vector: Network (Remote) Authentication Required: No (Unauthenticated) Technical Details cve20207796 zimbra collaboration suite full
Please let me know if you'd like me to modify anything! The flaw is active when the WebEx zimlet
In their security advisory, Zimbra noted: "This vulnerability allows unauthenticated remote attackers to execute arbitrary commands. Immediate patching is strongly advised." cve20207796 zimbra collaboration suite full