COOEY // HUBcompliance · community · intelligence

Exposures › CVE-2022-47966

CVE-2022-47966

Severity
critical · on CISA KEV actively exploited
Source
CISA-KEV · kev
Published
2023-01-23
Reference
https://nvd.nist.gov/vuln/detail/CVE-2022-47966
⚡ RCE ⌖ exploited in the wild shame 95/100 ransomwarerceexploited-in-wild

Multiple Zoho ManageEngine products contain an unauthenticated remote code execution vulnerability due to the usage of an outdated third-party dependency, Apache Santuario.

Players implicated

Zoho · vendorManageEngine · product

Description

Multiple Zoho ManageEngine products contain an unauthenticated remote code execution vulnerability due to the usage of an outdated third-party dependency, Apache Santuario.

Affected FedRAMP products 0 in the catalog

No correlated FedRAMP products.