CVE-2022-36178

Name of the Vulnerable Software and Affected Versions Kerio Connect administration versions 9.4 through 9.4.1

Description A security issue affects the administration component of Kerio Connect. The estimated number of potentially affected devices worldwide is not specified. There are reports of real-world incidents where this issue was exploited. Technical details about exploitation include the use of vulnerable parameters or variables, but specific API Endpoints or function names are not mentioned.

Recommendations For Kerio Connect administration versions 9.4 through 9.4.1, update to a version that contains a fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.