mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-31 10:40:54 +00:00
899 B
899 B
CVE-2022-37393
Description
Zimbra's sudo configuration permits the zimbra user to execute the zmslapd binary as root with arbitrary parameters. As part of its intended functionality, zmslapd can load a user-defined configuration file, which includes plugins in the form of .so files, which also execute as root.