Lucene search
China National Vulnerability DatabaseCNVD-2022-70602HistoryApr 22, 2022 - 12:00 a.m.
Zimbra Access Control Error Vulnerability
2022-04-2200:00:00
China National Vulnerability Database
www.cnvd.org.cn
18
0.097 Low
EPSS
Percentile
94.8%
Zimbra Collaboration (aka ZCS) versions 8.8.15 and 9.0 are vulnerable to an access control error. The vulnerability stems from a network system or product that does not properly restrict access to resources from unauthorized roles. An unauthenticated attacker could exploit the vulnerability to inject arbitrary memcache commands into the target instance.
| CPE | Name | Operator | Version |
|---|---|---|---|
| zimbra zimbra collaboration | eq | 8.8.15 | |
| zimbra zimbra collaboration | eq | 9.0 |
Related
checkpoint_advisories
checkpoint_advisories
Zimbra Collaboration CRLF Injection (CVE-2022-27924)
2022-07-20 00:00:00
cisa_kev
cisa_kev
Zimbra Collaboration (ZCS) Command Injection Vulnerability
2022-08-04 00:00:00
nvd
nvd
CVE-2022-27924
2022-04-21 00:15:08
osv
osv
CVE-2022-27924
2022-04-21 00:15:08
thn
thn
prion
prion
Design/Logic Flaw
2022-04-21 00:15:00
cve
cve
CVE-2022-27924
2022-04-21 00:15:08
cvelist
cvelist
CVE-2022-27924
2022-04-20 23:23:17
attackerkb
attackerkb
ics
ics
Threat Actors Exploiting Multiple CVEs Against Zimbra Collaboration Suite
2023-01-27 12:00:00
2022 Top Routinely Exploited Vulnerabilities
2023-08-03 12:00:00
nessus
nessus
rapid7blog
rapid7blog
Whatβs New in InsightVM and Nexpose: Q3 2022 in Review
2022-09-28 14:11:35