CVE-2022-41347: 
Zimbra Collaboration Server vulnerability analysis and mitigation

An issue was discovered in Zimbra Collaboration (ZCS) 8.8.x and 9.x (e.g., 8.8.15). The Sudo configuration permits the zimbra user to execute the NGINX binary as root with arbitrary parameters. As part of its intended functionality, NGINX can load a user-defined configuration file, which includes plugins in the form of .so files, which also execute as root (NVD).

The vulnerability exists in the sudo configuration that allows the zimbra user to execute NGINX with root privileges. The key issue is that NGINX can load user-defined configuration files and plugins (.so files) which will also execute with root privileges. This creates a privilege escalation path from the zimbra user to root access (NVD).

The vulnerability allows a compromised zimbra user account to escalate privileges to root by leveraging NGINX's ability to load custom configurations and plugins. This could lead to complete system compromise since the attacker can execute arbitrary code with root privileges (NVD).

The vulnerability affects Zimbra Collaboration Suite versions 8.8.x and 9.x (including 8.8.15). Organizations should update to patched versions when available. In the interim, organizations should monitor and restrict access to the zimbra user account and audit any sudo usage by this account (NVD).