Vulnerabilities related to Apache Software Foundation - Apache James server
cve-2023-51518
Vulnerability from cvelistv5
Published
2024-02-27 09:09
Modified
2024-08-22 20:42
Severity ?
Summary
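Apache James prior to version 3.7.5 and 3.8.0 exposes a JMX endpoint on localhost subject to pre-authentication deserialisation of untrusted data. Given a deserialisation gadget, this could be leveraged as part of an exploit chain that could result in privilege escalation. Note that by default the JMX endpoint is only bound locally. We recommend that users:
 - Upgrade to a non-vulnerable Apache James version
 - Run Apache James isolated from other processes (Docker or a dedicated virtual machine)
 - If possible, turn off JMX
Note on severity: in the record below the CNA (Apache) rates this issue "low", whereas the CISA-ADP container assigns CVSS 3.1 9.8 with a network attack vector; which of the two applies to a given deployment presumably depends on whether its JMX endpoint is reachable from beyond localhost.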
Impacted products
Vendor Product Version
Apache Software Foundation Apache James server Version: 0    3.7.4
Version: 3.8   <


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T22:32:10.273Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread/wbdm61ch6l0kzjn6nnfmyqlng82qz0or"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:apache:james_server:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "james_server",
            "vendor": "apache",
            "versions": [
              {
                "lessThanOrEqual": "3.7.4",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "status": "affected",
                "version": "3.8"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 9.8,
              "baseSeverity": "CRITICAL",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-51518",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-08-22T20:42:32.574252Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-22T20:42:38.254Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Apache James server",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "lessThanOrEqual": "3.7.4",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "3.8.0",
              "status": "affected",
              "version": "3.8",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "Mal Aware"
        },
        {
          "lang": "en",
          "type": "analyst",
          "value": "Arnout Engelen"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Apache James prior to version 3.7.5 and 3.8.0 exposes a JMX endpoint on localhost subject to pre-authentication deserialisation of untrusted data.\u003cbr\u003eGiven a deserialisation gadjet, this could be leveraged as part of an exploit chain that could result in privilege escalation.\u003cbr\u003e\u003cdiv\u003eNote that by default JMX endpoint is only bound locally.\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003eWe recommend users to:\u003cbr\u003e\u003cdiv\u003e\u0026nbsp;- Upgrade to a non-vulnerable Apache James version\u003c/div\u003e\u003cdiv\u003e\u0026nbsp;- Run Apache James isolated from other processes (docker - dedicated virtual machine)\u003cbr\u003e\u0026nbsp;- If possible turn off JMX\u003cbr\u003e\u003c/div\u003e"
            }
          ],
          "value": "Apache James prior to version 3.7.5 and 3.8.0 exposes a JMX endpoint on localhost subject to pre-authentication deserialisation of untrusted data.\nGiven a deserialisation gadjet, this could be leveraged as part of an exploit chain that could result in privilege escalation.\nNote that by default JMX endpoint is only bound locally.\n\nWe recommend users to:\n\u00a0- Upgrade to a non-vulnerable Apache James version\n\n\u00a0- Run Apache James isolated from other processes (docker - dedicated virtual machine)\n\u00a0- If possible turn off JMX\n\n"
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "text": "low"
            },
            "type": "Textual description of severity"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-502",
              "description": "CWE-502 Deserialization of Untrusted Data",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-02-27T09:09:31.579Z",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.apache.org/thread/wbdm61ch6l0kzjn6nnfmyqlng82qz0or"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Apache James server: Privilege escalation via JMX pre-authentication deserialisation",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2023-51518",
    "datePublished": "2024-02-27T09:09:31.579Z",
    "dateReserved": "2023-12-20T16:14:49.938Z",
    "dateUpdated": "2024-08-22T20:42:38.254Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-26269
Vulnerability from cvelistv5
Published
2023-04-03 07:59
Modified
2025-02-13 16:44
Severity ?
Summary
Apache James server version 3.7.3 and earlier provides a JMX management service without authentication by default. This allows privilege escalation by a malicious local user. Administrators are advised to disable JMX, or set up a JMX password. Note that version 3.7.4 onward will set up a JMX password automatically for Guice users.
Impacted products


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T11:46:24.411Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread/2z44rg93pflbjhvbwy3xtz505bx41cbs"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2023/04/18/3"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:apache:james_server:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "james_server",
            "vendor": "apache",
            "versions": [
              {
                "lessThanOrEqual": "3.7.3",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 7.8,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-26269",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-23T15:09:13.520369Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-23T15:10:14.280Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Apache James server",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "lessThanOrEqual": "3.7.3",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "Matei \"Mal\" Badanoiu"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cdiv\u003eApache James server version 3.7.3 and earlier provides a JMX management service without authentication by default. This allows privilege escalation by a \nmalicious local user.\u003c/div\u003e\u003cdiv\u003eAdministrators are advised to disable JMX, or set up a JMX password.\u003c/div\u003e\u003cdiv\u003eNote that version 3.7.4 onward will set up a JMX password automatically for Guice users.\u003cbr\u003e\u003c/div\u003e"
            }
          ],
          "value": "Apache James server version 3.7.3 and earlier provides a JMX management service without authentication by default. This allows privilege escalation by a \nmalicious local user.\n\nAdministrators are advised to disable JMX, or set up a JMX password.\n\nNote that version 3.7.4 onward will set up a JMX password automatically for Guice users."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "text": "moderate"
            },
            "type": "Textual description of severity"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-862",
              "description": "CWE-862 Missing Authorization",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-04-18T02:06:14.335Z",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.apache.org/thread/2z44rg93pflbjhvbwy3xtz505bx41cbs"
        },
        {
          "url": "http://www.openwall.com/lists/oss-security/2023/04/18/3"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Apache James server: Privilege escalation through unauthenticated JMX",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2023-26269",
    "datePublished": "2023-04-03T07:59:13.228Z",
    "dateReserved": "2023-02-21T08:48:22.411Z",
    "dateUpdated": "2025-02-13T16:44:53.250Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-51747
Vulnerability from cvelistv5
Published
2024-02-27 13:08
Modified
2025-02-13 17:19
Severity ?
Summary
Apache James prior to versions 3.8.1 and 3.7.5 is vulnerable to SMTP smuggling. Lenient handling of line delimiters can cause the sender and the receiver to interpret the same message differently, which an attacker can exploit to forge an SMTP envelope, allowing, for instance, SPF checks to be bypassed. The patch enforces CRLF as the line delimiter within the DATA transaction. We recommend that James users upgrade to non-vulnerable versions.
Impacted products
Vendor Product Version
Apache Software Foundation Apache James server Version: 0    3.7.4
Version: 3.8    3.8.0


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "NONE",
              "baseScore": 7.1,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "LOW",
              "integrityImpact": "HIGH",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-51747",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-03-15T20:37:43.302258Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-444",
                "description": "CWE-444 Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          },
          {
            "descriptions": [
              {
                "cweId": "CWE-290",
                "description": "CWE-290 Authentication Bypass by Spoofing",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-13T19:08:00.859Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T22:48:11.163Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "related",
              "x_transferred"
            ],
            "url": "https://sec-consult.com/blog/detail/smtp-smuggling-spoofing-e-mails-worldwide/"
          },
          {
            "tags": [
              "related",
              "x_transferred"
            ],
            "url": "https://postfix.org/smtp-smuggling.html"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread/rxkwbkh9vgbl9rzx1fkllyk3krhgydko"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/02/27/4"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Apache James server",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "lessThanOrEqual": "3.7.4",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "3.8.0",
              "status": "affected",
              "version": "3.8",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "coordinator",
          "value": "Benoit TELLIER"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Apache James prior to versions 3.8.1 and 3.7.5 is vulnerable to SMTP smuggling.\u003cbr\u003e\u003cbr\u003eA lenient behaviour in line delimiter handling might create a difference of interpretation between the sender and the receiver which can be exploited by an attacker to forge an SMTP envelop, allowing for instance to bypass SPF checks.\u003cbr\u003e\u003cbr\u003eThe patch implies enforcement of CRLF as a line delimiter as part of the DATA transaction.\u003cbr\u003e\u003cbr\u003eWe recommend James users to upgrade to non vulnerable versions.\u003cbr\u003e"
            }
          ],
          "value": "Apache James prior to versions 3.8.1 and 3.7.5 is vulnerable to SMTP smuggling.\n\nA lenient behaviour in line delimiter handling might create a difference of interpretation between the sender and the receiver which can be exploited by an attacker to forge an SMTP envelop, allowing for instance to bypass SPF checks.\n\nThe patch implies enforcement of CRLF as a line delimiter as part of the DATA transaction.\n\nWe recommend James users to upgrade to non vulnerable versions."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "text": "important"
            },
            "type": "Textual description of severity"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20 Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-02-27T13:10:07.890Z",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "related"
          ],
          "url": "https://sec-consult.com/blog/detail/smtp-smuggling-spoofing-e-mails-worldwide/"
        },
        {
          "tags": [
            "related"
          ],
          "url": "https://postfix.org/smtp-smuggling.html"
        },
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.apache.org/thread/rxkwbkh9vgbl9rzx1fkllyk3krhgydko"
        },
        {
          "url": "http://www.openwall.com/lists/oss-security/2024/02/27/4"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "SMTP smuggling in Apache James",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2023-51747",
    "datePublished": "2024-02-27T13:08:01.807Z",
    "dateReserved": "2023-12-22T16:12:33.074Z",
    "dateUpdated": "2025-02-13T17:19:50.944Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-37358
Vulnerability from cvelistv5
Published
2025-02-06 11:22
Modified
2025-02-12 19:51
Summary
Similarly to CVE-2024-34055, Apache James is vulnerable to denial of service through the abuse of IMAP literals from both authenticated and unauthenticated users, which could be used to cause unbounded memory allocation and very long computations. Versions 3.7.6 and 3.8.2 restrict such illegitimate use of IMAP literals.
Impacted products
Vendor Product Version
Apache Software Foundation Apache James server Version: 0    3.7.5
Version: 3.8.0    3.8.1


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-37358",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-06T13:57:35.810182Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-12T19:51:10.228Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://james.apache.org/",
          "defaultStatus": "unaffected",
          "product": "Apache James server",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "lessThanOrEqual": "3.7.5",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "3.8.1",
              "status": "affected",
              "version": "3.8.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "Xavier GUIMARD"
        },
        {
          "lang": "en",
          "type": "coordinator",
          "value": "Benoit TELLIER"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Similarly to CVE-2024-34055, Apache James is vulnerable to denial of service through the abuse of IMAP literals from both authenticated and unauthenticated users, which could be used to cause unbounded memory allocation and very long computations\u003cbr\u003e\u003cbr\u003eVersion 3.7.6 and 3.8.2 restrict such illegitimate use of IMAP literals.\u003cbr\u003e"
            }
          ],
          "value": "Similarly to CVE-2024-34055, Apache James is vulnerable to denial of service through the abuse of IMAP literals from both authenticated and unauthenticated users, which could be used to cause unbounded memory allocation and very long computations\n\nVersion 3.7.6 and 3.8.2 restrict such illegitimate use of IMAP literals."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20 Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-02-06T11:22:38.260Z",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.apache.org/thread/1pxsh11v5s3fkvhnqvkmlqwt3fgpcrqc"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Apache James: denial of service through the use of IMAP literals",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2024-37358",
    "datePublished": "2025-02-06T11:22:38.260Z",
    "dateReserved": "2024-06-06T07:07:32.731Z",
    "dateUpdated": "2025-02-12T19:51:10.228Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-45626
Vulnerability from cvelistv5
Published
2025-02-06 11:21
Modified
2025-02-12 19:51
Summary
The JMAP HTML-to-plain-text implementation in Apache James server versions below 3.8.2 and 3.7.6 is subject to unbounded memory consumption that can result in a denial of service. Users are recommended to upgrade to version 3.7.6 or 3.8.2, which fix this issue.
Impacted products


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-02-06T12:04:25.994Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2025/02/05/7"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-45626",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-06T13:59:06.290280Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-12T19:51:10.343Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Apache James server",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "lessThanOrEqual": "3.8.1",
              "status": "affected",
              "version": "3.8.0",
              "versionType": "maven"
            },
            {
              "lessThanOrEqual": "3.7.5",
              "status": "affected",
              "version": "0",
              "versionType": "maven"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Benoit TELLIER"
        },
        {
          "lang": "en",
          "type": "finder",
          "value": "Wojciech Kapcia"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Apache James server JMAP HTML to text plain implementation in versions below 3.8.2 and 3.7.6 is subject to unbounded memory consumption that can result in a denial of service.\u003cbr\u003e\u003cbr\u003eUsers are recommended to upgrade to version 3.7.6 and 3.8.2, which fix this issue."
            }
          ],
          "value": "Apache James server JMAP HTML to text plain implementation in versions below 3.8.2 and 3.7.6 is subject to unbounded memory consumption that can result in a denial of service.\n\nUsers are recommended to upgrade to version 3.7.6 and 3.8.2, which fix this issue."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400 Uncontrolled Resource Consumption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-02-06T11:21:12.417Z",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.apache.org/thread/1fr9hvpsylomwwfr3rv82g84sxszn4kl"
        }
      ],
      "source": {
        "discovery": "INTERNAL"
      },
      "title": "Apache James: denial of service through JMAP HTML to text conversion",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2024-45626",
    "datePublished": "2025-02-06T11:21:12.417Z",
    "dateReserved": "2024-09-03T08:43:52.113Z",
    "dateUpdated": "2025-02-12T19:51:10.343Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2022-45935
Vulnerability from cvelistv5
Published
2023-01-06 09:33
Modified
2024-08-03 14:24
Severity: low (textual rating supplied by the CNA; the record below carries no CVSS vector or score)
Summary
Usage of temporary files with insecure permissions by the Apache James server allows an attacker with local access to access private user data in transit. Vulnerable components include the SMTP stack and IMAP APPEND command. This issue affects Apache James server version 3.7.2 and prior versions.
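Impacted products
Vendor Product Version
Apache Software Foundation Apache James server Version: 0 through 3.7.2 (inclusive)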


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T14:24:03.215Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread/j61fo8xc1rxtofrn8vc33whx35s9cj1d"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Apache James server",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "lessThanOrEqual": "3.7.2",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "Benoit Tellier"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Usage of temporary files with insecure permissions by the Apache James server allows an attacker with local access to access private user data in transit. \u003cbr\u003e\u003cbr\u003eVulnerable components includes the SMTP stack and IMAP APPEND command.\u003cbr\u003e\u003cbr\u003eThis issue affects Apache James server version 3.7.2 and prior versions."
            }
          ],
          "value": "Usage of temporary files with insecure permissions by the Apache James server allows an attacker with local access to access private user data in transit. \n\nVulnerable components includes the SMTP stack and IMAP APPEND command.\n\nThis issue affects Apache James server version 3.7.2 and prior versions."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "text": "low"
            },
            "type": "Textual description of severity"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-668",
              "description": "CWE-668 Exposure of Resource to Wrong Sphere",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-07-12T10:18:19.197Z",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.apache.org/thread/j61fo8xc1rxtofrn8vc33whx35s9cj1d"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Apache James server: Temporary File Information Disclosure",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2022-45935",
    "datePublished": "2023-01-06T09:33:30.150Z",
    "dateReserved": "2022-11-27T08:53:19.892Z",
    "dateUpdated": "2024-08-03T14:24:03.215Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}