CVE-2022-37042CISA KEVEPSS p99.7%

CVE-2022-37042Synacor Zimbra Collaboration Suite (ZCS) Authentication Bypass Vulnerability

Synacor / Zimbra Collaboration Suite (ZCS)

Description

Synacor Zimbra Collaboration Suite (ZCS) contains an authentication bypass vulnerability in MailboxImportServlet. This vulnerability was chained with CVE-2022-27925 which allows for unauthenticated remote code execution.

Scoring

EPSS88.26% probability of exploitation · percentile 99.7% · 2026-06-15T12:03:41Z

CISA KEV entry

Added to KEV: 2022-08-11

(incoming)1

TypeTargetConfidenceTier
KEVEntrySynacor Zimbra Collaboration Suite (ZCS) Authentication Bypass Vulnerabilitykev-cve-2022-370420%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
Synacor Zimbra Collaboration Suite (ZCS) Arbitrary File Upload Vulnerability
CVE
Synacor Zimbra Collaboration Suite (ZCS) Command Injection Vulnerability
CVE
Synacor Zimbra Collaboration Suite (ZCS) Cross-Site Scripting (XSS) Vulnerability
CVE
Synacor Zimbra Collaborate Suite (ZCS) Cross-Site Scripting Vulnerability
CVE
CVE-2022-41352
CVE
Synacor Zimbra Collaboration Suite (ZCS) Command Execution Vulnerability
Sourced from NVD + CISA KEV + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.