CVE-2021-34807: 
Zimbra Collaboration Server vulnerability analysis and mitigation

An open redirect vulnerability exists in the /preauth Servlet in Zimbra Collaboration Suite through 9.0. To exploit the vulnerability, an attacker would need to have obtained a valid zimbra auth token or a valid preauth token. Once the token is obtained, an attacker could redirect a user to any URL via isredirect=1&redirectURL= in conjunction with the token data (e.g., a valid authtoken= value) (CVE Details).

The vulnerability exists in the /preauth Servlet component and involves improper validation of redirect URLs. The vulnerability has a CVSS score of 6.1, indicating medium severity. The issue affects Zimbra Collaboration Suite versions through 9.0 and 8.8.15 (Zimbra Security, Zimbra Releases).

If successfully exploited, this vulnerability allows an attacker who has obtained a valid authentication token to redirect users to arbitrary external URLs. This could be used in phishing attacks or to redirect users to malicious websites while appearing to come from the legitimate Zimbra server (CVE Details).

The vulnerability has been patched in Zimbra Collaboration Suite 8.8.15 Patch 23 and 9.0.0 Patch 16. Organizations should upgrade to these or later versions to address this vulnerability. Additionally, Zimbra recommends reviewing the zimbraProxyAllowedDomains configuration to ensure it only contains specific trusted hosts and no wildcard entries (Zimbra Security).