
CVE-2023-26269 – Apache James server: Privilege escalation through unauthenticated JMX
https://notcve.org/view.php?id=CVE-2023-26269
03 Apr 2023 — Apache James server version 3.7.3 and earlier provides a JMX management service without authentication by default. This allows privilege escalation by a malicious local user. Administrators are advised to disable JMX, or set up a JMX password. Note that version 3.7.4 onward will set up a JMX password automatically for Guice users. • https://github.com/mbadanoiu/CVE-2023-26269 • CWE-862: Missing Authorization •

CVE-2022-45935 – Apache James server: Temporary File Information Disclosure
https://notcve.org/view.php?id=CVE-2022-45935
06 Jan 2023 — Usage of temporary files with insecure permissions by the Apache James server allows an attacker with local access to access private user data in transit. Vulnerable components include the SMTP stack and the IMAP APPEND command. This issue affects Apache James server version 3.7.2 and prior versions. • https://lists.apache.org/thread/j61fo8xc1rxtofrn8vc33whx35s9cj1d • CWE-668: Exposure of Resource to Wrong Sphere •

CVE-2022-28220 – STARTTLS command injection in Apache JAMES
https://notcve.org/view.php?id=CVE-2022-28220
08 Sep 2022 — Apache James prior to release 3.6.3 and 3.7.1 is vulnerable to a buffering attack relying on the use of the STARTTLS command. The fix for CVE-2021-38542, which solved a similar problem from Apache James 3.6.1, is subject to a parser differential and does not take into account concurrent requests. • http://www.openwall.com/lists/oss-security/2022/09/20/1 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •

CVE-2022-22931 – Path traversal in Apache James 3.6.1
https://notcve.org/view.php?id=CVE-2022-22931
07 Feb 2022 — The fix for CVE-2021-40525 does not prepend delimiters upon valid directory validations. Affected implementations include the maildir mailbox store and the Sieve file repository. This enables a user to access other users' data stores (limited to user names being prefixed by the value of the username being used). • https://lists.apache.org/thread/bp8yql4wws56jlh0vxoowj7foothsmpr • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVE-2021-40525 – Sieve file storage vulnerable to path traversal attacks
https://notcve.org/view.php?id=CVE-2021-40525
04 Jan 2022 — The Apache James ManagedSieve implementation, along with the file storage for sieve scripts, is vulnerable to path traversal, allowing reading and writing any file. This vulnerability has been patched in Apache James 3.6.1 and higher. We recommend the upgrade. Distributed and Cassandra-based products are also not impacted. • http://www.openwall.com/lists/oss-security/2022/01/04/4 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •