CISA Alert AA22-228A – Threat actors exploiting multiple CVEs against Zimbra Collaboration suite. [CISA Cybersecurity Alerts}

CISA and the Multi-State Information Sharing & Analysis Center, or MS-ISAC are publishing this joint Cybersecurity Advisory in response to active exploitation of multiple Common Vulnerabilities and Exposures against Zimbra Collaboration Suite, an enterprise cloud-hosted collaboration software and email platform.
AA22-228A Alert, Technical Details, and Mitigations
Volexity’s Mass Exploitation of (Un)authenticated Zimbra RCE: CVE-2022-27925
Hackers are actively exploiting password-stealing flaw in Zimbra
CISA adds Zimbra email vulnerability to its exploited vulnerabilities catal…
CVE-2022-27925 detail
Mass exploitation of (un)authenticated Zimbra RCE: …

advisory alert alerts amp analysis center cisa cisa alert cloud collaboration collaboration software common vulnerabilities and exposures cves cybersecurity cybersecurity advisory email enterprise exploitation exploiting information information sharing isac ms-isac platform publishing response sharing software state technical threat threat actors vulnerabilities zimbra zimbra collaboration suite