Zimbra Collaboration Server 8.8.x < 8.8.15 Patch 31 / 9.0.0 < 9.0.0 Patch 24 Command Injection

high Web App Scanning Plugin ID 113311

Synopsis

Zimbra Collaboration Server 8.8.x < 8.8.15 Patch 31 / 9.0.0 < 9.0.0 Patch 24 Command Injection

Description

Zimbra Collaboration (aka ZCS) allows an unauthenticated attacker to inject arbitrary memcache commands into a targeted instance. Because these memcache commands are not escaped, the attacker can overwrite arbitrary cached entries.

Successful exploitation may result in the leakage of the target users' plaintext passwords.

Solution

Upgrade to version 8.8.15 Patch 31, 9.0.0 Patch 24, or later.

See Also

https://wiki.zimbra.com/wiki/Zimbra_Releases/9.0.0/P24

Plugin Details

Severity: High

ID: 113311

Type: remote

Published: 7/18/2022

Updated: 7/18/2022

Scan Template: basic, full, pci, scan

Risk Information

VPR

Risk Factor: Medium

Score: 5.1

CVSS v2

Risk Factor: Medium

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N

CVSS Score Source: CVE-2022-27924

CVSS v3

Risk Factor: High

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

CVSS Score Source: CVE-2022-27924

Vulnerability Information

CPE: cpe:2.3:a:zimbra:collaboration:*:-:*:*:*:*:*:*

Exploit Available: true

Exploit Ease: Exploits are available

CISA Known Exploited Vulnerability Due Dates: 8/25/2022

Reference Information

CVE: CVE-2022-27924