Local Privilege Escalation (LPE) Vulnerability in Zimbra Collaboration Suite through 9.0 and 8.8.15

CVE-2023-24032 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

In Zimbra Collaboration Suite through 9.0 and 8.8.15, an attacker (who has initial user access to a Zimbra server instance) can execute commands as root by passing one of JVM arguments, leading to local privilege escalation (LPE).

Learn more about our Cis Benchmark Audit For Server Software.