From caff6a53f5133f8de7743dbd626868c3dd69bbf6 Mon Sep 17 00:00:00 2001
From: Ron Bowes <ron_bowes@rapid7.com>
Date: Tue, 2 Aug 2022 12:57:28 -0700
Subject: [PATCH] Add a CVE and better description

---
 .../exploits/linux/local/zimbra_slapper_priv_esc.rb  | 12 +++++++-----
 1 file changed, 7 insertions(+), 5 deletions(-)

diff --git a/modules/exploits/linux/local/zimbra_slapper_priv_esc.rb b/modules/exploits/linux/local/zimbra_slapper_priv_esc.rb
index aa8ec327c5..76c684311c 100644
--- a/modules/exploits/linux/local/zimbra_slapper_priv_esc.rb
+++ b/modules/exploits/linux/local/zimbra_slapper_priv_esc.rb
@@ -21,10 +21,12 @@ class MetasploitModule < Msf::Exploit::Local
         info,
         'Name' => 'Zimbra zmslapd arbitrary module load',
         'Description' => %q{
-          This module exploits a vulnerability in Zimbra's sudo configuration,
-          which permits the zimbra user to execute zmslapd with arbitrary
-          parameters. That service can load an arbitrary .so file, which allows
-          us to run code as root.
+          This module exploits CVE-2022-37393, which is a vulnerability in
+          Zimbra's sudo configuration that permits the zimbra user to execute
+          the zmslapd binary as root with arbitrary parameters. As part of its
+          intended functionality, zmslapd can load a user-defined configuration
+          file, which includes plugins in the form of .so files, which also
+          execute as root.
         },
         'License' => MSF_LICENSE,
         'Author' => [
@@ -37,7 +39,7 @@ class MetasploitModule < Msf::Exploit::Local
         'SessionTypes' => [ 'shell', 'meterpreter' ],
         'Privileged' => true,
         'References' => [
-          # Currently there is no CVE, but I reported it and requested one
+          [ 'CVE', '2022-37393',
           [ 'URL', 'https://darrenmartyn.ie/2021/10/27/zimbra-zmslapd-local-root-exploit/' ],
         ],
         'Targets' => [