{"uuid": "149eaa56-c762-43e4-887b-084dfc1ea5b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41352", "type": "seen", "source": "https://t.me/arpsyndicate/1721", "content": "#ExploitObserverAlert\n\nCVE-2022-41352\n\nDESCRIPTION: Exploit Observer has 20 entries related to CVE-2022-41352. An issue was discovered in Zimbra Collaboration (ZCS) 8.8.15 and 9.0. An attacker can upload arbitrary files through amavis via a cpio loophole (extraction to /opt/zimbra/jetty/webapps/zimbra/public) that can lead to incorrect access to any other user accounts. Zimbra recommends pax over cpio. Also, pax is in the prerequisites of Zimbra on Ubuntu; however, pax is no longer part of a default Red Hat installation after RHEL 6 (or CentOS 6). Once pax is installed, amavis automatically prefers it over cpio.\n\nFIRST-EPSS: 0.957590000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-12-11T11:33:52.000000Z"}