CVE-2022-27924

Zimbra Collaboration (aka ZCS) 8.8.15 and 9.0 allows an unauthenticated attacker to inject arbitrary memcache commands into a targeted instance. These memcache commands becomes unescaped, causing an overwrite of arbitrary cached entries.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:zimbra:collaboration:8.8.15:-:*:*:*:*:*:*
cpe:2.3:a:zimbra:collaboration:9.0.0:-:*:*:*:*:*:*

Information

Published : 2022-04-20 17:15

Updated : 2022-05-03 05:59


NVD link : CVE-2022-27924

Mitre link : CVE-2022-27924


JSON object : View

CWE
CWE-74

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

Advertisement

dedicated server usa

Products Affected

zimbra

  • collaboration