{"vulnerability": "CVE-2022-3569", "sightings": [{"uuid": "52f002f5-5ed5-4f73-b0e3-e6a5b1ad5753", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3569", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:45.000000Z"}, {"uuid": "d95ae2e8-6ed8-4df3-ad73-2f566a4b4171", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3569", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:47.000000Z"}, {"uuid": "e6b0da47-5bf2-4499-9203-cbde2e98efb9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3569", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/local/zimbra_postfix_priv_esc.rb", "content": "", "creation_timestamp": "2022-10-19T09:20:04.000000Z"}, {"uuid": "91c8c71b-f312-45c7-8cfb-e23d176b18ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-35698", "type": "seen", "source": "https://www.cert.at/de/warnungen/2022/10/kritische-sicherheitslucke-in-magento-open-source-und-adobe-commerce-updates-verfugbar", "content": "", "creation_timestamp": "2022-10-12T06:00:10.000000Z"}, {"uuid": "91cf1e3c-756b-4f42-b0b9-5a85402d6cf2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-35698", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/3116", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aThis repository contains potential security patches for the Magento APSB22-48 and CVE-2022-35698 security vulnerability\nURL\uff1ahttps://github.com/EmicoEcommerce/Magento-APSB22-48-Security-Patches\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-10-25T04:54:19.000000Z"}, {"uuid": "9a854732-db1e-4b19-9abd-328368ec6e49", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2022-35698", "type": "seen", "source": "https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuus_17/2022", "content": "", "creation_timestamp": "2022-10-12T09:34:02.000000Z"}, {"uuid": "a0231d36-cff2-42e3-818a-7c2168546e03", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-35696", "type": "seen", "source": "https://t.me/cibsecurity/54713", "content": "\u203c CVE-2022-35696 \u203c\n\nAdobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-16T18:34:28.000000Z"}, {"uuid": "1e874bca-b690-4025-90fd-6aa1b9b1dac8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3569", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/16149", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-3569\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Due to an issue with incorrect sudo permissions, Zimbra Collaboration Suite (ZCS) suffers from a local privilege escalation issue in versions 9.0.0 and prior, where the 'zimbra' user can effectively coerce postfix into running arbitrary commands as 'root'.\n\ud83d\udccf Published: 2022-10-17T22:45:11.553Z\n\ud83d\udccf Modified: 2025-05-13T15:04:07.694Z\n\ud83d\udd17 References:\n1. https://twitter.com/ldsopreload/status/1580539318879547392\n2. https://github.com/rapid7/metasploit-framework/pull/17141\n3. http://packetstormsecurity.com/files/169430/Zimbra-Privilege-Escalation.html", "creation_timestamp": "2025-05-13T15:31:25.000000Z"}, {"uuid": "3aeb0bc8-ea4c-4844-9eff-7a62a90d41df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-35695", "type": "seen", "source": "https://t.me/cibsecurity/54904", "content": "\u203c CVE-2022-35695 \u203c\n\nAdobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-27T18:15:58.000000Z"}, {"uuid": "60dcb80f-72d5-428f-85c1-794f6f593c75", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-35693", "type": "seen", "source": "https://t.me/cibsecurity/54899", "content": "\u203c CVE-2022-35693 \u203c\n\nAdobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-19T22:21:54.000000Z"}, {"uuid": "556ddf9d-6a04-4776-8730-6c5d9b318fd7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3569", "type": "seen", "source": "https://t.me/cibsecurity/51651", "content": "\u203c CVE-2022-3569 \u203c\n\nDue to an issue with incorrect sudo permissions, Zimbra Collaboration Suite (ZCS) suffers from a local privilege escalation issue in versions 9.0.0 and prior, where the 'zimbra' user can effectively coerce postfix into running arbitrary commands as 'root'.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-18T02:13:24.000000Z"}, {"uuid": "2b12df20-bc12-42be-a648-4f0308f71f30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-35690", "type": "seen", "source": "https://t.me/cibsecurity/51506", "content": "\u203c CVE-2022-35690 \u203c\n\nAdobe ColdFusion versions Update 14 (and earlier) and Update 4 (and earlier) are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction, the vulnerability is triggered when a crafted network packet is sent to the server.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-15T00:29:11.000000Z"}, {"uuid": "e4f353a1-19a8-43da-a4de-3110d3fcd7e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-35699", "type": "seen", "source": "https://t.me/cibsecurity/50055", "content": "\u203c CVE-2022-35699 \u203c\n\nAdobe Bridge version 12.0.2 (and earlier) and 11.1.3 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-19T20:38:08.000000Z"}, {"uuid": "f781a9fa-9f61-46db-96e7-12d67e46664e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-35697", "type": "seen", "source": "https://t.me/cibsecurity/47921", "content": "\u203c CVE-2022-35697 \u203c\n\nAdobe Experience Manager Core Components version 2.20.6 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser. Exploitation of this issue requires a low author privilege access.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-11T00:32:31.000000Z"}]}