CVE-2022-41347

Published: Sep 26, 2022Modified: May 21, 2025

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

An issue was discovered in Zimbra Collaboration (ZCS) 8.8.x and 9.x (e.g., 8.8.15). The Sudo configuration permits the zimbra user to execute the NGINX binary as root with arbitrary parameters. As part of its intended functionality, NGINX can load a user-defined configuration file, which includes plugins in the form of .so files, which also execute as root.

Affected (2)

Products: Zimbra: Collaboration

1 product

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Zimbra Collaboration	Version 8.8.15
Zimbra Collaboration	Version 9.0.0

References (8)

https://darrenmartyn.ie/2021/10/25/zimbra-nginx-local-root-exploit/

Source: cve@mitre.org

ExploitThird Party Advisory

https://github.com/darrenmartyn/zimbra-hinginx

Source: cve@mitre.org

Third Party Advisory

https://wiki.zimbra.com/wiki/Security_Center

Source: cve@mitre.org

PatchVendor Advisory

https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories

Source: cve@mitre.org

Vendor Advisory

https://darrenmartyn.ie/2021/10/25/zimbra-nginx-local-root-exploit/

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

https://github.com/darrenmartyn/zimbra-hinginx

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://wiki.zimbra.com/wiki/Security_Center

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.