CVE-2023-24032
In Zimbra Collaboration Suite through 9.0 and 8.8.15, an attacker (who has initial user access to a Zimbra server instance) can execute commands as root by passing one of JVM arguments, leading to local privilege escalation (LPE).
| Software | From | Fixed in |
|---|---|---|
| zimbra / collaboration | 9.0.0 | 9.0.0.x |
| zimbra / collaboration | 9.0.0-p2 | 9.0.0-p2.x |
| zimbra / collaboration | 9.0.0-p3 | 9.0.0-p3.x |
| zimbra / collaboration | 9.0.0-p4 | 9.0.0-p4.x |
| zimbra / collaboration | 9.0.0-p5 | 9.0.0-p5.x |
| zimbra / collaboration | 9.0.0-p6 | 9.0.0-p6.x |
| zimbra / collaboration | 9.0.0-p7 | 9.0.0-p7.x |
| zimbra / collaboration | 9.0.0-p8 | 9.0.0-p8.x |
| zimbra / collaboration | 9.0.0-p9 | 9.0.0-p9.x |
| zimbra / collaboration | 9.0.0-p1 | 9.0.0-p1.x |
| zimbra / collaboration | 8.8.15-p10 | 8.8.15-p10.x |
| zimbra / collaboration | 8.8.15-p11 | 8.8.15-p11.x |
| zimbra / collaboration | 8.8.15-p16 | 8.8.15-p16.x |
| zimbra / collaboration | 8.8.15-p15 | 8.8.15-p15.x |
| zimbra / collaboration | 8.8.15-p14 | 8.8.15-p14.x |
| zimbra / collaboration | 8.8.15-p13 | 8.8.15-p13.x |
| zimbra / collaboration | 8.8.15-p12 | 8.8.15-p12.x |
| zimbra / collaboration | 8.8.15-p1 | 8.8.15-p1.x |
| zimbra / collaboration | 8.8.15-p2 | 8.8.15-p2.x |
| zimbra / collaboration | 8.8.15-p3 | 8.8.15-p3.x |
| zimbra / collaboration | 8.8.15-p4 | 8.8.15-p4.x |
| zimbra / collaboration | 8.8.15-p5 | 8.8.15-p5.x |
| zimbra / collaboration | 8.8.15-p6 | 8.8.15-p6.x |
| zimbra / collaboration | 8.8.15-p7 | 8.8.15-p7.x |
| zimbra / collaboration | 8.8.15-p8 | 8.8.15-p8.x |
| zimbra / collaboration | 8.8.15-p9 | 8.8.15-p9.x |
| zimbra / collaboration | 8.8.15 | 8.8.15.x |
| zimbra / collaboration | 8.8.15-p17 | 8.8.15-p17.x |
| zimbra / collaboration | 8.8.15-p18 | 8.8.15-p18.x |
| zimbra / collaboration | 8.8.15-p19 | 8.8.15-p19.x |
| zimbra / collaboration | 9.0.0-p10 | 9.0.0-p10.x |
| zimbra / collaboration | 9.0.0-p11 | 9.0.0-p11.x |
| zimbra / collaboration | 9.0.0-p12 | 9.0.0-p12.x |
| zimbra / collaboration | 9.0.0-p13 | 9.0.0-p13.x |
| zimbra / collaboration | 9.0.0-p14 | 9.0.0-p14.x |
| zimbra / collaboration | 9.0.0-p15 | 9.0.0-p15.x |
| zimbra / collaboration | 8.8.15-p20 | 8.8.15-p20.x |
| zimbra / collaboration | 8.8.15-p21 | 8.8.15-p21.x |
| zimbra / collaboration | 8.8.15-p22 | 8.8.15-p22.x |
| zimbra / collaboration | 8.8.15-p23 | 8.8.15-p23.x |
| zimbra / collaboration | 8.8.15-p24 | 8.8.15-p24.x |
| zimbra / collaboration | 8.8.15-p25 | 8.8.15-p25.x |
| zimbra / collaboration | 8.8.15-p26 | 8.8.15-p26.x |
| zimbra / collaboration | 8.8.15-p27 | 8.8.15-p27.x |
| zimbra / collaboration | 8.8.15-p28 | 8.8.15-p28.x |
| zimbra / collaboration | 8.8.15-p29 | 8.8.15-p29.x |
| zimbra / collaboration | 8.8.15-p30 | 8.8.15-p30.x |
| zimbra / collaboration | 8.8.15-p31 | 8.8.15-p31.x |
| zimbra / collaboration | 8.8.15-p32 | 8.8.15-p32.x |
| zimbra / collaboration | 8.8.15-p33 | 8.8.15-p33.x |
| zimbra / collaboration | 8.8.15-p34 | 8.8.15-p34.x |
| zimbra / collaboration | 9.0.0-p0 | 9.0.0-p0.x |
| zimbra / collaboration | 9.0.0-p19 | 9.0.0-p19.x |
| zimbra / collaboration | 9.0.0-p23 | 9.0.0-p23.x |
| zimbra / collaboration | 9.0.0-p25 | 9.0.0-p25.x |
| zimbra / collaboration | 9.0.0-p26 | 9.0.0-p26.x |
| zimbra / collaboration | 9.0.0-p27 | 9.0.0-p27.x |
| zimbra / collaboration | 9.0.0-p7.1 | 9.0.0-p7.1.x |
| zimbra / collaboration | 9.0.0-p33 | 9.0.0-p33.x |
| zimbra / collaboration | 8.8.15-p35 | 8.8.15-p35.x |
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime