CVE-2022-30287
published 2022-07-28

Priority P261 · high · 8 (CVSS 3.1)
AV:N / AC:L / PR:L / UI:R / S:U / C:H / I:H / A:H
EPSS: 70.28% (99.3th percentile)
Horde Groupware Webmail Edition through 5.2.22 allows a reflection injection attack through which an attacker can instantiate a driver class. This then leads to arbitrary deserialization of PHP objects.

Affected

3 ranges

| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | | |
| debian | php-horde-turba | < php-horde-turba 4.2.25-6 (bookworm) | php-horde-turba 4.2.25-6 (bookworm) |
| horde | groupware | <= 5.2.22 | |

Detection & IOCs (extracted from sources)

  • Vulnerability affects Horde Groupware Webmail Edition through version 5.2.22; monitor for exploitation attempts involving reflection injection leading to arbitrary PHP object deserialization
  • Scope of exploitation is listed as local, limiting remote attack surface; however, deserialization of PHP objects can still lead to significant impact if an attacker has local or authenticated access
  • Fixed versions are available for Debian: bookworm (4.2.25-6), bullseye (4.2.25-5+deb11u2), and sid (4.2.25-6); ensure patched packages are deployed

CVSS provenance

  • nvd: v3.1, 8.0 HIGH, CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
  • osv: 8.0 HIGH
  • vendor_debian: 8.0 HIGH