An issue was discovered in Zimbra Collaboration (ZCS) 8.8.x and 9.x (e.g., 8.8.15). The Sudo configuration permits the zimbra user to execute the NGINX binary as root with arbitrary parameters. As part of its intended functionality, NGINX can load a user-defined configuration file, which includes plugins in the form of .so files, which also execute as root.
References
Link | Resource |
---|---|
https://darrenmartyn.ie/2021/10/25/zimbra-nginx-local-root-exploit/ | Exploit Third Party Advisory |
https://github.com/darrenmartyn/zimbra-hinginx | Third Party Advisory |
https://wiki.zimbra.com/wiki/Security_Center | Patch Vendor Advisory |
https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
28 Sep 2022, 17:04
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
CWE | NVD-CWE-noinfo | |
CPE | cpe:2.3:a:zimbra:collaboration:9.0.0:-:*:*:*:*:*:* cpe:2.3:a:zimbra:collaboration:8.8.15:-:*:*:*:*:*:* |
|
First Time |
Zimbra
Zimbra collaboration |
|
References | (MISC) https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories - Vendor Advisory | |
References | (MISC) https://github.com/darrenmartyn/zimbra-hinginx - Third Party Advisory | |
References | (MISC) https://darrenmartyn.ie/2021/10/25/zimbra-nginx-local-root-exploit/ - Exploit, Third Party Advisory | |
References | (MISC) https://wiki.zimbra.com/wiki/Security_Center - Patch, Vendor Advisory |
26 Sep 2022, 03:17
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-09-26 02:15
Updated : 2023-12-10 14:35
NVD link : CVE-2022-41347
Mitre link : CVE-2022-41347
CVE.ORG link : CVE-2022-41347
JSON object : View
Products Affected
zimbra
- collaboration
CWE