CVE-2022-37393

Zimbra's sudo configuration permits the zimbra user to execute the zmslapd binary as root with arbitrary parameters. As part of its intended functionality, zmslapd can load a user-defined configuration file, which includes plugins in the form of .so files, which also execute as root.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
rapid7CNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 86%
VendorProductVersion
zimbracollaboration
8.7.6
zimbracollaboration
8.7.7
zimbracollaboration
8.7.9
zimbracollaboration
8.7.10
zimbracollaboration
8.7.11
zimbracollaboration
8.7.11:p1
zimbracollaboration
8.7.11:p10
zimbracollaboration
8.7.11:p11
zimbracollaboration
8.7.11:p12
zimbracollaboration
8.7.11:p13
zimbracollaboration
8.7.11:p14
zimbracollaboration
8.7.11:p15
zimbracollaboration
8.7.11:p2
zimbracollaboration
8.7.11:p3
zimbracollaboration
8.7.11:p4
zimbracollaboration
8.7.11:p5
zimbracollaboration
8.7.11:p6
zimbracollaboration
8.7.11:p7
zimbracollaboration
8.7.11:p8
zimbracollaboration
8.7.11:p9
zimbracollaboration
8.8.0:beta1
zimbracollaboration
8.8.2
zimbracollaboration
8.8.3
zimbracollaboration
8.8.4
zimbracollaboration
8.8.6
zimbracollaboration
8.8.7
zimbracollaboration
8.8.8
zimbracollaboration
8.8.8:p1
zimbracollaboration
8.8.8:p3
zimbracollaboration
8.8.8:p4
zimbracollaboration
8.8.8:p7
zimbracollaboration
8.8.9
zimbracollaboration
8.8.9:p1
zimbracollaboration
8.8.9:p10
zimbracollaboration
8.8.9:p3
zimbracollaboration
8.8.10
zimbracollaboration
8.8.10:p8
zimbracollaboration
8.8.11
zimbracollaboration
8.8.11:p3
zimbracollaboration
8.8.11:p4
zimbracollaboration
8.8.11:p5
zimbracollaboration
8.8.12
zimbracollaboration
8.8.12:p3
zimbracollaboration
8.8.12:p4
zimbracollaboration
8.8.15
zimbracollaboration
8.8.15:p11
zimbracollaboration
8.8.15:p26
zimbracollaboration
8.8.15:p3
zimbracollaboration
8.8.15:p30
zimbracollaboration
8.8.15:p31
zimbracollaboration
8.8.15:p32
zimbracollaboration
8.8.15:p33
zimbracollaboration
8.8.15:p34
zimbracollaboration
8.8.15:p5
zimbracollaboration
9.0.0:p0
zimbracollaboration
9.0.0:p19
zimbracollaboration
9.0.0:p23
zimbracollaboration
9.0.0:p25
zimbracollaboration
9.0.0:p26
zimbracollaboration
9.0.0:p27
zimbracollaboration
9.0.0:p4
zimbracollaboration
9.0.0:p7
zimbracollaboration
9.0.0:p7.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://attackerkb.com/topics/92AeLOE1M1/cve-2022-37393/rapid7-analysis
https://darrenmartyn.ie/2021/10/27/zimbra-zmslapd-local-root-exploit/
https://github.com/rapid7/metasploit-framework/pull/16807
https://attackerkb.com/topics/92AeLOE1M1/cve-2022-37393/rapid7-analysis
https://darrenmartyn.ie/2021/10/27/zimbra-zmslapd-local-root-exploit/
https://github.com/rapid7/metasploit-framework/pull/16807