CISA Known Exploited Vulnerability
This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.
Remediation Deadline: Feb 13, 2023
High
CISA KEVRansomwareCVE-2022-47966
Zoho—ManageEngine
Multiple Zoho ManageEngine products contain an unauthenticated remote code execution vulnerability due to the usage of an outdated third-party dependency, Apache Santuario.
Required Action
https://www.manageengine.com/security/advisory/CVE/cve-2022-47966.html; https://nvd.nist.gov/vuln/detail/CVE-2022-47966
Vulnerability Overview
- Severity
- High
- CISA KEV
- Yes
- Ransomware
- Known
- Published
- Jan 23, 2023
- KEV Added
- Jan 23, 2023
- Due Date
- Feb 13, 2023
- Related Articles
- 0
Vendor
Zoho
ManageEngine