CVE-2022-45912

An issue was discovered in Zimbra Collaboration (ZCS) 8.8.15 and 9.0. Remote code execution can occur through ClientUploader by an authenticated admin user. An authenticated admin user can upload files through the ClientUploader utility, and traverse to any other directory for remote code execution.

CVSS v3 7.2 HIGH

7.2^/10

CVSS v3 : HIGH

Vector :

Exploitability : 1.2 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://gist.github.com/Threonic/e90c85e11e1ac925ff57783988779e76	Third Party Advisory
https://gist.github.com/Threonic/e90c85e11e1ac925ff57783988779e76	Third Party Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:zimbra:collaboration:8.8.15:::::::*
	cpe:2.3:a:zimbra:collaboration:9.0.0:::::::*

History

21 Nov 2024, 07:29

Type	Values Removed	Values Added
References	~~() https://gist.github.com/Threonic/e90c85e11e1ac925ff57783988779e76 - Third Party Advisory~~	() https://gist.github.com/Threonic/e90c85e11e1ac925ff57783988779e76 - Third Party Advisory
Summary		(es) Se descubrió un problema en Zimbra Collaboration (ZCS) 8.8.15 y 9.0. La ejecución remota de código puede realizarse a través de ClientUploader por parte de un usuario administrador autenticado. Un usuario administrador autenticado puede cargar archivos a través de la utilidad ClientUploader y desplazarse a cualquier otro directorio para la ejecución remota de código.

Information

Published : 2022-12-05 22:15

Updated : 2025-04-24 14:15

NVD link : CVE-2022-45912

Mitre link : CVE-2022-45912

CVE.ORG link : CVE-2022-45912

JSON object : View

Products Affected

zimbra

collaboration

CWE

CWE-434

Unrestricted Upload of File with Dangerous Type

{"id": "CVE-2022-45912", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.2}, {"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.2}]}, "published": "2022-12-05T22:15:11.227", "references": [{"url": "https://gist.github.com/Threonic/e90c85e11e1ac925ff57783988779e76", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://gist.github.com/Threonic/e90c85e11e1ac925ff57783988779e76", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-434"}]}, {"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-434"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in Zimbra Collaboration (ZCS) 8.8.15 and 9.0. Remote code execution can occur through ClientUploader by an authenticated admin user. An authenticated admin user can upload files through the ClientUploader utility, and traverse to any other directory for remote code execution."}, {"lang": "es", "value": "Se descubri\u00f3 un problema en Zimbra Collaboration (ZCS) 8.8.15 y 9.0. La ejecuci\u00f3n remota de c\u00f3digo puede realizarse a trav\u00e9s de ClientUploader por parte de un usuario administrador autenticado. Un usuario administrador autenticado puede cargar archivos a trav\u00e9s de la utilidad ClientUploader y desplazarse a cualquier otro directorio para la ejecuci\u00f3n remota de c\u00f3digo."}], "lastModified": "2025-04-24T14:15:44.423", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:zimbra:collaboration:8.8.15:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E131E5AC-E25C-47DE-B8A3-CCF08AAA495F"}, {"criteria": "cpe:2.3:a:zimbra:collaboration:9.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F8C474D6-05B6-4F7D-94EA-E414FABDB098"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}