Vulnerability Details CVE-2022-41347
An issue was discovered in Zimbra Collaboration (ZCS) 8.8.x and 9.x (e.g., 8.8.15). The Sudo configuration permits the zimbra user to execute the NGINX binary as root with arbitrary parameters. As part of its intended functionality, NGINX can load a user-defined configuration file, which includes plugins in the form of .so files, which also execute as root.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 22.3%
CVSS Severity
CVSS v3 Score 7.8
References
- https://darrenmartyn.ie/2021/10/25/zimbra-nginx-local-root-exploit/
- https://github.com/darrenmartyn/zimbra-hinginx
- https://wiki.zimbra.com/wiki/Security_Center
- https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories
- https://darrenmartyn.ie/2021/10/25/zimbra-nginx-local-root-exploit/
- https://github.com/darrenmartyn/zimbra-hinginx
- https://wiki.zimbra.com/wiki/Security_Center
- https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories
Products affected by CVE-2022-41347
-
cpe:2.3:a:zimbra:collaboration:8.8.15
-
cpe:2.3:a:zimbra:collaboration:9.0.0