Closed Zxxxx closed 8 months ago
Hi @Zxxxx, thank you for opening the request. After reviewing this vulnerability ref, there are a few concerns about how Tsunami scanner can verify the vulnerability:
Please let me know if you have a more reliable way in mind to detect this vulnerability to address the concerns above.
Hello. I want to contribute to the tsunami scanner with a detector plugin to detect CVE-2022-27925 vulnerability
https://nvd.nist.gov/vuln/detail/CVE-2022-27925 https://wiki.zimbra.com/wiki/Zimbra_Releases/9.0.0/P24
The vulnerability has been assigned a CVE ID CVE-2022-27925 ,the severity level of the vulnerability is HIGH : CVSS score: 7.2 (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)
Zimbra versions 8.8.15 patch 33 or 9.0.0 patch 26 were deemed vulnerable by the vendor
allow a remote, unauthenticated attacker to execute arbitrary code via.