CISA added Zoho ManageEngine RCE (CVE-2022-47966) to its Known Exploited Vulnerabilities CatalogSecurity Affairs
The US Computer Information Security Association (US CISA) has issued a security advisory for a vulnerability in Zoho ManageEngine.
The US CISA added the Zoho ManageEngine remote code execution flaw (CVE-2022-47966) to its Known Exploited Vulnerabilities Catalog. According to Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities, FCEB agencies have to address the identified vulnerabilities by the due date to protect their networks against attacks exploiting the flaws in the catalog. The CVE-2022-47966 flaw is an unauthenticated remote code execution vulnerability that impacts multiple Zoho products with SAML SSO enabled in the ManageEngine setup.
Source read time: 2 min - securityaffairs.com
Also offered in: Nederlands