CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-26269 – Apache James server: Privilege escalation through unauthenticated JMX
https://notcve.org/view.php?id=CVE-2023-26269
03 Apr 2023 — Apache James server version 3.7.3 and earlier provides a JMX management service without authentication by default. This allows privilege escalation by a malicious local user. Administrators are advised to disable JMX, or set up a JMX password. Note that version 3.7.4 onward will set up a JMX password automatically for Guice users. • https://github.com/mbadanoiu/CVE-2023-26269 • CWE-862: Missing Authorization •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-45935 – Apache James server: Temporary File Information Disclosure
https://notcve.org/view.php?id=CVE-2022-45935
06 Jan 2023 — Usage of temporary files with insecure permissions by the Apache James server allows an attacker with local access to access private user data in transit. Vulnerable components includes the SMTP stack and IMAP APPEND command. This issue affects Apache James server version 3.7.2 and prior versions. • https://lists.apache.org/thread/j61fo8xc1rxtofrn8vc33whx35s9cj1d • CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-45787 – Apache James MIME4J: Temporary File Information Disclosure in MIME4J TempFileStorageProvider
https://notcve.org/view.php?id=CVE-2022-45787
06 Jan 2023 — Unproper laxist permissions on the temporary files used by MIME4J TempFileStorageProvider may lead to information disclosure to other local users. This issue affects Apache James MIME4J version 0.8.8 and prior versions. We recommend users to upgrade to MIME4j version 0.8.9 or later. A flaw was found in Apache James's Mime4j TempFileStorageProvider class, where it may set improper permissions when utilizing temporary files. This flaw allows a locally authorized attacker to access information outside their in... • https://lists.apache.org/thread/26s8p9stl1z261c4qw15bsq03tt7t0rj • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-312: Cleartext Storage of Sensitive Information •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-28220 – STARTTLS command injection in Apache JAMES
https://notcve.org/view.php?id=CVE-2022-28220
08 Sep 2022 — Apache James prior to release 3.6.3 and 3.7.1 is vulnerable to a buffering attack relying on the use of the STARTTLS command. Fix of CVE-2021-38542, which solved similar problem fron Apache James 3.6.1, is subject to a parser differential and do not take into account concurrent requests. Apache James versiones anteriores a 3.6.3 y 3.7.1, es vulnerable a un ataque de almacenamiento en búfer que depende del uso del comando STARTTLS. La corrección de CVE-2021-38542, que resolvió un problema similar de Apa... • http://www.openwall.com/lists/oss-security/2022/09/20/1 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2021-40525 – Sieve file storage vulnerable to path traversal attacks
https://notcve.org/view.php?id=CVE-2021-40525
04 Jan 2022 — Apache James ManagedSieve implementation alongside with the file storage for sieve scripts is vulnerable to path traversal, allowing reading and writing any file. This vulnerability had been patched in Apache James 3.6.1 and higher. We recommend the upgrade. Distributed and Cassandra based products are also not impacted. La implementación de Apache James ManagedSieve junto con el almacenamiento de archivos para los scripts de sieve es vulnerable a un salto de ruta, permitiendo leer y escribir cualquier arch... • http://www.openwall.com/lists/oss-security/2022/01/04/4 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2021-40111 – Apache James IMAP parsing Denial Of Service
https://notcve.org/view.php?id=CVE-2021-40111
04 Jan 2022 — In Apache James, while fuzzing with Jazzer the IMAP parsing stack, we discover that crafted APPEND and STATUS IMAP command could be used to trigger infinite loops resulting in expensive CPU computations and OutOfMemory exceptions. This can be used for a Denial Of Service attack. The IMAP user needs to be authenticated to exploit this vulnerability. This affected Apache James prior to version 3.6.1. This vulnerability had been patched in Apache James 3.6.1 and higher. • http://www.openwall.com/lists/oss-security/2022/01/04/3 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2021-40110 – Apache James IMAP vulnerable to a ReDoS
https://notcve.org/view.php?id=CVE-2021-40110
04 Jan 2022 — In Apache James, using Jazzer fuzzer, we identified that an IMAP user can craft IMAP LIST commands to orchestrate a Denial Of Service using a vulnerable Regular expression. This affected Apache James prior to 3.6.1 We recommend upgrading to Apache James 3.6.1 or higher , which enforce the use of RE2J regular expression engine to execute regex in linear time without back-tracking. En Apache James, usando Jazzer fuzzer, identificamos que un usuario de IMAP puede diseñar comandos IMAP LIST para orquestar una d... • http://www.openwall.com/lists/oss-security/2022/01/04/2 •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2021-38542 – Apache James vulnerable to STARTTLS command injection (IMAP and POP3)
https://notcve.org/view.php?id=CVE-2021-38542
04 Jan 2022 — Apache James prior to release 3.6.1 is vulnerable to a buffering attack relying on the use of the STARTTLS command. This can result in Man-in -the-middle command injection attacks, leading potentially to leakage of sensible information. Apache James versiones anteriores a 3.6.1, es vulnerable a un ataque de buffering que es basado en el uso del comando STARTTLS. Esto puede resultar en ataques de inyección de comandos de tipo "Man-in-the-middle", conllevando potencialmente a un filtrado de información confid... • http://www.openwall.com/lists/oss-security/2022/01/04/1 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 9.8EPSS: 0%CPEs: 32EXPL: 0CVE-2019-0228
https://notcve.org/view.php?id=CVE-2019-0228
17 Apr 2019 — Apache PDFBox 2.0.14 does not properly initialize the XML parser, which allows context-dependent attackers to conduct XML External Entity (XXE) attacks via a crafted XFDF. Apache PDFBox versión 2.0.14 no inicializa correctamente el analizador XML, lo que permite a los atacantes dependientes del contexto realizar ataques de Entidades Externas XML (XXE) por medio de un XFDF creado. • https://lists.apache.org/thread.html/1a3756557f8cb02790b7183ccf7665ae23f608a421c4f723113bca79%40%3Cusers.pdfbox.apache.org%3E • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 7.8EPSS: 1%CPEs: 1EXPL: 1CVE-2006-2806
https://notcve.org/view.php?id=CVE-2006-2806
05 Jun 2006 — The SMTP server in Apache Java Mail Enterprise Server (aka Apache James) 2.2.0 allows remote attackers to cause a denial of service (CPU consumption) via a long argument to the MAIL command. • http://advisories.echo.or.id/adv/adv31-y3dips-2006.txt •