CVE-2022-3569
published 2022-10-17CVE-2022-3569: Due to an issue with incorrect sudo permissions, Zimbra Collaboration Suite (ZCS) suffers from a local privilege escalation issue in versions 9.0.0 and prior…
PriorityP348high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
EXPLOIT
EPSS
0.69%
48.3th percentile
Due to an issue with incorrect sudo permissions, Zimbra Collaboration Suite (ZCS) suffers from a local privilege escalation issue in versions 9.0.0 and prior, where the 'zimbra' user can effectively coerce postfix into running arbitrary commands as 'root'.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| synacor | zimbra_collaboration_suite | <= 9.0.0 | — |
| synacor | zimbra_collaboration_suite | 9.0.0 – 9.0.0 | — |
CVSS provenance
nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
cisa8.6HIGH
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-jq7j-25x9-p735: Due to an issue with incorrect sudo permissions, Zimbra Collaboration Suite (ZCS) suffers from a local privilege escalation issue in versions 9
ghsa_unreviewed·2022-10-18
CVE-2022-3569 [HIGH] CWE-269 GHSA-jq7j-25x9-p735: Due to an issue with incorrect sudo permissions, Zimbra Collaboration Suite (ZCS) suffers from a local privilege escalation issue in versions 9
Due to an issue with incorrect sudo permissions, Zimbra Collaboration Suite (ZCS) suffers from a local privilege escalation issue in versions 9.0.0 and prior, where the 'zimbra' user can effectively coerce postfix into running arbitrary commands as 'root'.
CISA
Cisco IOS XR Software DVMRP Memory Exhaustion Vulnerability
cisa·2021-11-03·CVSS 8.6
CVE-2020-3569 [HIGH] CWE-400 Cisco IOS XR Software DVMRP Memory Exhaustion Vulnerability
Vulnerability: Cisco IOS XR Software DVMRP Memory Exhaustion Vulnerability
Affected: Cisco IOS XR
Cisco IOS XR Distance Vector Multicast Routing Protocol (DVMRP) incorrectly handles Internet Group Management Protocol (IGMP) packets. Exploitation could allow an unauthenticated, remote attacker to immediately crash the IGMP process or make it consume available memory and eventually crash.
Required Action: Apply updates per vendor instructions.
Notes: https://nvd.nist.gov/vuln/detail/CVE-2020-3569
Remediation Due Date: 2022-05-03
No detection rules found.
No writeups or analysis indexed.
http://packetstormsecurity.com/files/169430/Zimbra-Privilege-Escalation.htmlhttps://github.com/rapid7/metasploit-framework/pull/17141https://twitter.com/ldsopreload/status/1580539318879547392http://packetstormsecurity.com/files/169430/Zimbra-Privilege-Escalation.htmlhttps://github.com/rapid7/metasploit-framework/pull/17141https://twitter.com/ldsopreload/status/1580539318879547392
2022-10-17
Published