Due to an issue with incorrect sudo permissions, Zimbra...
High severity
Unreviewed
Published
Oct 18, 2022
to the GitHub Advisory Database
•
Updated Jul 21, 2023
Description
Published by the National Vulnerability Database
Oct 17, 2022
Published to the GitHub Advisory Database
Oct 18, 2022
Last updated
Jul 21, 2023
Due to an issue with incorrect sudo permissions, Zimbra Collaboration Suite (ZCS) suffers from a local privilege escalation issue in versions 9.0.0 and prior, where the 'zimbra' user can effectively coerce postfix into running arbitrary commands as 'root'.
References