Local Privilege Escalation (LPE) Vulnerability in Zimbra Collaboration Suite through 9.0 and 8.8.15
CVE-2023-24032 · HIGH Severity
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
In Zimbra Collaboration Suite through 9.0 and 8.8.15, an attacker (who has initial user access to a Zimbra server instance) can execute commands as root by passing one of JVM arguments, leading to local privilege escalation (LPE).
Learn more about our Cis Benchmark Audit For Server Software.