Vulnerabilities > CVE-2022-41347 - Unspecified vulnerability in Zimbra Collaboration 8.8.15/9.0.0
Attack vector
LOCAL Attack complexity
LOW Privileges required
LOW Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
An issue was discovered in Zimbra Collaboration (ZCS) 8.8.x and 9.x (e.g., 8.8.15). The Sudo configuration permits the zimbra user to execute the NGINX binary as root with arbitrary parameters. As part of its intended functionality, NGINX can load a user-defined configuration file, which includes plugins in the form of .so files, which also execute as root.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |
References
- https://darrenmartyn.ie/2021/10/25/zimbra-nginx-local-root-exploit/
- https://darrenmartyn.ie/2021/10/25/zimbra-nginx-local-root-exploit/
- https://github.com/darrenmartyn/zimbra-hinginx
- https://github.com/darrenmartyn/zimbra-hinginx
- https://wiki.zimbra.com/wiki/Security_Center
- https://wiki.zimbra.com/wiki/Security_Center
- https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories
- https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories