CVSS 3.1 Score 7.5 of 10 (high)


Published Apr 21, 2022
Updated: May 3, 2022


CVE-2022-27924 is a vulnerability affecting Zimbra Collaboration (ZCS) 8.8.15 and 9.0, allowing an unauthenticated attacker to inject arbitrary memcache commands into a targeted instance, resulting in the overwriting of arbitrary cached entries. The vulnerability has a base severity rating of HIGH and a base score of 7.5 according to the CVSS v3.1 scoring system. It requires no privileges and user interaction to exploit, and can be exploited remotely over the network. The potential danger it poses to an organization is that it could lead to unauthorized access or manipulation of data stored within the ZCS system. To remediate this vulnerability, organizations should apply the necessary security patches or updates provided by Zimbra as soon as they become available.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2022-27924 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options