I have done some more research on this with a colleague and the issue is highly critical.
If you have Zimbra HTTP(S) and SSH exposed to the internet, your installation can be compromised.
As a workaround I would highly recommend firewalling remote access to the SSH port, although this does not fully address the issue.
Still waiting to be contacted by Zimbra... |