November 20, 2023
Severity Medium Analysis Summary Agent Tesla is a very popular spyware Trojan built for the.NET framework. Since its initial appearance in 2014, this has been deployed […]
Rewterz Threat Alert – WannaCry Ransomware – Active IOCs
August 11, 2022Rewterz Threat Update – Cisco Suffered A Data Breach Attack By The Yanluowang Ransomware Gang
August 11, 2022Rewterz Threat Alert – WannaCry Ransomware – Active IOCs
August 11, 2022Rewterz Threat Update – Cisco Suffered A Data Breach Attack By The Yanluowang Ransomware Gang
August 11, 2022
Severity
High
Analysis Summary
CVE-2022-37393
Zimbra could allow a local authenticated attacker to gain elevated privileges on the system, caused by a flaw in the sudo configuration. By sending a specially-crafted request, an <authenticated> attacker could exploit this vulnerability to execute the zmslapd binary as root user.
Impact
- Privilege Escalation
Indicators Of Compromise
CVE
- CVE-2022-37393
Affected Vendors
Zimbra
Affected Products
- Zimbra 8.8.15
Remediation
Refer to Zimbra Security Advisory for patch, upgrade or suggested workaround information.
Zimbra Security Advisory