CVE-2022-37042: Synacor Zimbra Collaboration Suite (ZCS) Authentication

Synacor Zimbra Collaboration Suite (ZCS) Authentication Bypass Vulnerability. Synacor Zimbra Collaboration Suite (ZCS) contains an authentication bypass vulnerability in MailboxImportServlet. This vulnerability was chained with CVE-2022-27925 which allows for unauthenticated remote code execution.

• CISA KEV-listed (remediation due 2022-09-01)
• used in ransomware campaigns
• EPSS 94.3% (100.0% percentile)

Browse the CVE database

Read the full analysis on IntelFusions