CVE-2022-27924
Synacor Zimbra Collaboration Suite (ZCS) Command Injection Vulnerability
CVSS
—
Sin CVSS
EPSS
85.4%
p100
KEV
SÍ
4 ago 2022
Exploit Today
80
0-100
Publicado: — · Última mod.: —
84.6%EPSS · 30 días85.4%
2026-06-302026-07-16
Producto
Synacor / Zimbra Collaboration Suite (ZCS)
Vulnerabilidad
Synacor Zimbra Collaboration Suite (ZCS) Command Injection Vulnerability
Añadido a KEV
4 ago 2022
Remediar antes de
25 ago 2022
Uso conocido en ransomware
Sí
Descripción resumida
Synacor Zimbra Collaboration Suite (ZCS) allows an attacker to inject memcache commands into a targeted instance which causes an overwrite of arbitrary cached entries.
Acción requerida
Apply updates per vendor instructions.
Notas
https://wiki.zimbra.com/wiki/Zimbra_Releases/9.0.0/P24.1#Security_Fixes; https://nvd.nist.gov/vuln/detail/CVE-2022-27924
CVECVSSEPSSKEVRExplotTítuloVis.
CVE-2024-45519—100.0%
KEV—80Synacor Zimbra Collaboration Suite (ZCS) Command Execution Vulnerability—CVE-2019-9670—100.0%
KEV—80Synacor Zimbra Collaboration Suite (ZCS) Improper Restriction of XML External Entity Reference—CVE-2022-27925—99.9%
KEV—80Synacor Zimbra Collaboration Suite (ZCS) Arbitrary File Upload Vulnerability—CVE-2022-41352—99.9%
KEV—80Synacor Zimbra Collaboration Suite (ZCS) Arbitrary File Upload Vulnerability—CVE-2022-37042—99.8%
KEV—80Synacor Zimbra Collaboration Suite (ZCS) Authentication Bypass Vulnerability—CVE-2019-9621—99.6%
KEV—80Synacor Zimbra Collaboration Suite (ZCS) Server-Side Request Forgery (SSRF) Vulnerability—