CVE-2022-47966 - Zoho ManageEngine Multiple Products Remote Code Execution Vulnerability
Project:Zoho
Product:ManageEngine
Date Added:2023-01-23Due Date:2023-02-13
Vulnerability Name
Zoho ManageEngine Multiple Products Remote Code Execution Vulnerability
Description
Multiple Zoho ManageEngine products contain an unauthenticated remote code execution vulnerability due to the usage of an outdated third-party dependency, Apache Santuario.
Known To Be Used in Ransomware Campaigns?
Known
Action
Apply updates per vendor instructions.
Additional Notes
https://www.manageengine.com/security/advisory/CVE/cve-2022-47966.html
https://nvd.nist.gov/vuln/detail/CVE-2022-47966
Related News Articles
Embargo ransomware escalates attacks to cloud environmentsSeptember 27, 2024