I honestly don't know what to do with that specific issue you have. I'm puzzled though since even old versions of Zimbra don't run Joomla (a CMS) so whatever error that is, is a false positive.
You have more security problems than your audit will show by having such an out of date version so if you are concerned about security (and not just complying with a vulnerability scan), you really should update.
If I knew more specifics to tell you I would, but its been a while since I've run that Zimbra version myself and had not made any such changes when I did. The most I can think of is looking at /opt/zimbra/tomcat/conf files
State University of New York at New Paltz