CVE-2022-3569 Information

Description

Due to an issue with incorrect sudo permissions Zimbra Collaboration Suite (ZCS) suffers from a local privilege escalation issue in versions 9.0.0 and prior where the ‘zimbra’ user can effectively coerce postfix into running arbitrary commands as ‘root’.

Reference

https://github.com/rapid7/metasploit-framework/pull/17141 https://twitter.com/ldsopreload/status/1580539318879547392