Zimbra Email - Stealing Clear-Text Credentials via Memcache injection | Sonar
Tags
attack-pattern: Data Credentials - T1589.001 Email Accounts - T1585.002 Email Accounts - T1586.002 Email Addresses - T1589.002 Exploits - T1587.004 Exploits - T1588.005 Server - T1583.004 Server - T1584.004 Vulnerabilities - T1588.006 Connection Proxy - T1090 Scripting - T1064 Scripting
Show in Graph
Common Information
Type Value
UUID 6f8666a4-2e02-4249-873d-d7615826bb09
Fingerprint 7ce385d14d23648d
Analysis status DONE
Considered CTI value 0
Text language
Published June 14, 2022, midnight
Added to db Feb. 17, 2023, 9:37 p.m.
Last updated Nov. 17, 2024, 5:56 p.m.
Headline Zimbra Email - Stealing Clear-Text Credentials via Memcache injection
Title Zimbra Email - Stealing Clear-Text Credentials via Memcache injection | Sonar
Detected Hints/Tags/Attributes 52/1/10
Source URLs
Redirection Url
Details Source https://blog.sonarsource.com/zimbra-mail-stealing-clear-text-credentials-via-memcache-injection/
Details Source https://www.sonarsource.com/blog/zimbra-mail-stealing-clear-text-credentials-via-memcache-injection/
URL Provider
Details Provider Source level domain
Details sonarsource.com www.sonarsource.com
Details sonarsource.com blog.sonarsource.com
Attributes
Details Type #Events CTI Value
Details CVE 19 
cve-2022-27924
Details Domain 831 
example.com
Details Email 1 
firstname}.{lastname}@example.com
Details Email 1 
user=exampleuser@example.com
Details Email 17 
user@example.com
Details Email 2 
exampleuser@example.com
Details Email 3 
victim@example.com
Details Email 1 
firstname}.{lastname}@company.tld
Details Email 1 
a@example.com
Details Url 1 
https://example.com/service/home