CVE-2022-37042 - Synacor Zimbra Collaboration Suite (ZCS) Authentication Bypass Vulnerability

项目:Synacor

产品:Zimbra Collaboration Suite (ZCS)

添加日期:2022-08-11到期日:2022-09-01最后更新:June 21, 2025

漏洞名称

Synacor Zimbra Collaboration Suite (ZCS) Authentication Bypass Vulnerability

描述

Synacor Zimbra Collaboration Suite (ZCS) contains an authentication bypass vulnerability in MailboxImportServlet. This vulnerability was chained with CVE-2022-27925 which allows for unauthenticated remote code execution.

已知用于勒索软件活动吗?

Known

采集行动

Apply updates per vendor instructions.

其他说明

https://blog.zimbra.com/2022/08/authentication-bypass-in-mailboximportservlet-vulnerability/

https://nvd.nist.gov/vuln/detail/CVE-2022-37042

相关 CWE

CWE-23