An issue was discovered in Zimbra Collaboration (ZCS) 8.8.x and 9.x (e.g., 8.8.15). The Sudo configuration permits the zimbra user to execute the NGINX binary as root with arbitrary parameters. As part of its intended functionality, NGINX can load a user-defined configuration file, which includes plugins in the form of .so files, which also execute as root.
References
Link | Resource |
---|---|
https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories | Vendor Advisory |
https://wiki.zimbra.com/wiki/Security_Center | Patch Vendor Advisory |
https://github.com/darrenmartyn/zimbra-hinginx | Third Party Advisory |
https://darrenmartyn.ie/2021/10/25/zimbra-nginx-local-root-exploit/ | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Information
Published : 2022-09-25 19:15
Updated : 2022-09-28 10:04
NVD link : CVE-2022-41347
Mitre link : CVE-2022-41347
JSON object : View
CWE
Products Affected
zimbra
- collaboration