CVE-2022-41347

Name of the Vulnerable Software and Affected Versions Zimbra Collaboration (ZCS) versions 8.8.x through 9.x

Description An issue was discovered in Zimbra Collaboration, related to the Sudo configuration, which permits the zimbra user to execute the NGINX binary as root with arbitrary parameters. This allows NGINX to load a user-defined configuration file, including plugins in the form of .so files, which execute as root. The vulnerability is associated with insufficient access control when handling the NGINX binary file, potentially allowing an attacker to elevate their privileges by loading configuration files.

Recommendations For Zimbra Collaboration (ZCS) versions 8.8.x through 9.x, consider restricting the zimbra user's ability to execute the NGINX binary as root with arbitrary parameters as a temporary workaround until a patch is available. Restrict access to the NGINX configuration files to minimize the risk of exploitation. Avoid using the NGINX binary with arbitrary parameters in the affected Zimbra Collaboration versions until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.