Vulnerabilities > CVE-2022-27924 - Unspecified vulnerability in Zimbra Collaboration 8.8.15/9.0.0
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
HIGH Availability impact
NONE Summary
Zimbra Collaboration (aka ZCS) 8.8.15 and 9.0 allows an unauthenticated attacker to inject arbitrary memcache commands into a targeted instance. These memcache commands becomes unescaped, causing an overwrite of arbitrary cached entries.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 2 |
Related news
References
- https://wiki.zimbra.com/wiki/Security_Center
- https://wiki.zimbra.com/wiki/Security_Center
- https://wiki.zimbra.com/wiki/Zimbra_Releases/9.0.0/P24
- https://wiki.zimbra.com/wiki/Zimbra_Releases/9.0.0/P24
- https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories
- https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories