CISA description
Synacor Zimbra Collaboration Suite (ZCS) contains an improper restriction of XML external entity (XXE) vulnerability in the mailboxd component.
CVE-2019-9670
Synacor · Zimbra Collaboration Suite (ZCS)
Synacor Zimbra Collaboration Suite (ZCS) Improper Restriction of XML External Entity Reference
Required action
Apply updates per vendor instructions.
Notes & references
Where this lands in 800-53
Vulnerability data triggers these controls during assessment and continuous monitoring.