CVE-2022-41352 - Zimbra Collaboration (ZCS) Arbitrary File Upload Vulnerability
CVE-2022-41352
Zimbra | Collaboration (ZCS)
- Date Added:
- 2022-10-20
- Due Date:
- 2022-11-10
- Vulnerability Name
Zimbra Collaboration (ZCS) Arbitrary File Upload Vulnerability
- Description
Zimbra Collaboration (ZCS) allows an attacker to upload arbitrary files using cpio package to gain incorrect access to any other user accounts.
- Known To Be Used in Ransomware Campaigns?
Unknown
- Action
Apply updates per vendor instructions.
- Additional Notes
- https://wiki.zimbra.com/wiki/Security_Center; https://nvd.nist.gov/vuln/detail/CVE-2022-41352
Free security scan for your website