Zimbra Collaboration (aka ZCS) 8.8.15 and 9.0 has mboximport functionality that receives a ZIP archive and extracts files from it. An authenticated user with administrator rights has the ability to upload arbitrary files to the system, leading to directory traversal.
References
| Link | Resource |
|---|---|
| http://packetstormsecurity.com/files/168146/Zimbra-Zip-Path-Traversal.html | Exploit Third Party Advisory VDB Entry |
| https://wiki.zimbra.com/wiki/Security_Center | Vendor Advisory |
| https://wiki.zimbra.com/wiki/Zimbra_Releases/9.0.0/P24 | Release Notes Vendor Advisory |
| https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
08 Aug 2023, 14:21
| Type | Values Removed | Values Added |
|---|---|---|
| References | (MISC) http://packetstormsecurity.com/files/168146/Zimbra-Zip-Path-Traversal.html - Exploit, Third Party Advisory, VDB Entry | |
| CWE | CWE-22 |
24 Aug 2022, 15:15
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
03 May 2022, 14:23
| Type | Values Removed | Values Added |
|---|---|---|
| CVSS |
v2 : v3 : |
v2 : 6.5
v3 : 7.2 |
| CPE | cpe:2.3:a:zimbra:collaboration:8.8.15:-:*:*:*:*:*:* cpe:2.3:a:zimbra:collaboration:9.0.0:-:*:*:*:*:*:* |
|
| References | (MISC) https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories - Vendor Advisory | |
| References | (MISC) https://wiki.zimbra.com/wiki/Zimbra_Releases/9.0.0/P24 - Release Notes, Vendor Advisory | |
| References | (MISC) https://wiki.zimbra.com/wiki/Security_Center - Vendor Advisory | |
| CWE | CWE-434 |
21 Apr 2022, 00:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2022-04-21 00:15
Updated : 2024-02-04 22:29
NVD link : CVE-2022-27925
Mitre link : CVE-2022-27925
CVE.ORG link : CVE-2022-27925
JSON object : View
Products Affected
zimbra
- collaboration
CWE
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')