CVE-2022-37042

Synacor Zimbra Collaboration Suite (ZCS) Authentication Bypass Vulnerability

Synacor Zimbra Collaboration Suite (ZCS) contains an authentication bypass vulnerability in MailboxImportServlet. This vulnerability was chained with CVE-2022-27925 which allows for unauthenticated remote code execution. Vendor/Product: Synacor Zimbra Collaboration Suite (ZCS). Added to CISA KEV 2022-08-11; required action: Apply updates per vendor instructions.

Category: Vulnerability, Known Exploited

Reference: NVD CVE-2022-37042