Vulnerability Description
Zimbra's sudo configuration permits the zimbra user to execute the zmslapd binary as root with arbitrary parameters. As part of its intended functionality, zmslapd can load a user-defined configuration file, which includes plugins in the form of .so files, which also execute as root.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Zimbra | Collaboration | 8.7.6 |
Related Weaknesses (CWE)
References
- https://attackerkb.com/topics/92AeLOE1M1/cve-2022-37393/rapid7-analysisExploitThird Party Advisory
- https://darrenmartyn.ie/2021/10/27/zimbra-zmslapd-local-root-exploit/ExploitThird Party Advisory
- https://github.com/rapid7/metasploit-framework/pull/16807ExploitPatchThird Party Advisory
- https://attackerkb.com/topics/92AeLOE1M1/cve-2022-37393/rapid7-analysisExploitThird Party Advisory
- https://darrenmartyn.ie/2021/10/27/zimbra-zmslapd-local-root-exploit/ExploitThird Party Advisory
- https://github.com/rapid7/metasploit-framework/pull/16807ExploitPatchThird Party Advisory
FAQ
What is CVE-2022-37393?
CVE-2022-37393 is a vulnerability with a CVSS score of 7.8 (HIGH). Zimbra's sudo configuration permits the zimbra user to execute the zmslapd binary as root with arbitrary parameters. As part of its intended functionality, zmslapd can load a user-defined configuratio...
How severe is CVE-2022-37393?
CVE-2022-37393 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-37393?
Check the references section above for vendor advisories and patch information. Affected products include: Zimbra Collaboration.