Vulnerability Description
An issue was discovered in Zimbra Collaboration (ZCS) 8.8.x and 9.x (e.g., 8.8.15). The Sudo configuration permits the zimbra user to execute the NGINX binary as root with arbitrary parameters. As part of its intended functionality, NGINX can load a user-defined configuration file, which includes plugins in the form of .so files, which also execute as root.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Zimbra | Collaboration | 8.8.15 |
References
- https://darrenmartyn.ie/2021/10/25/zimbra-nginx-local-root-exploit/ExploitThird Party Advisory
- https://github.com/darrenmartyn/zimbra-hinginxThird Party Advisory
- https://wiki.zimbra.com/wiki/Security_CenterPatchVendor Advisory
- https://wiki.zimbra.com/wiki/Zimbra_Security_AdvisoriesVendor Advisory
- https://darrenmartyn.ie/2021/10/25/zimbra-nginx-local-root-exploit/ExploitThird Party Advisory
- https://github.com/darrenmartyn/zimbra-hinginxThird Party Advisory
- https://wiki.zimbra.com/wiki/Security_CenterPatchVendor Advisory
- https://wiki.zimbra.com/wiki/Zimbra_Security_AdvisoriesVendor Advisory
FAQ
What is CVE-2022-41347?
CVE-2022-41347 is a vulnerability with a CVSS score of 7.8 (HIGH). An issue was discovered in Zimbra Collaboration (ZCS) 8.8.x and 9.x (e.g., 8.8.15). The Sudo configuration permits the zimbra user to execute the NGINX binary as root with arbitrary parameters. As par...
How severe is CVE-2022-41347?
CVE-2022-41347 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-41347?
Check the references section above for vendor advisories and patch information. Affected products include: Zimbra Collaboration.