4 matches found
CVE-2023-26269
Apache James server version 3.7.3 and earlier provides a JMX management service without authentication by default. This allows privilege escalation by a malicious local user. Administrators are advised to disable JMX, or set up a JMX password. Note that version 3.7.4 onward will set up a JMX...
CVE-2023-26269
Apache James server version 3.7.3 and earlier provides a JMX management service without authentication by default. This allows privilege escalation by a malicious local user. Administrators are advised to disable JMX, or set up a JMX password. Note that version 3.7.4 onward will set up a JMX...
CVE-2023-26269 Apache James server: Privilege escalation through unauthenticated JMX
Apache James server version 3.7.3 and earlier provides a JMX management service without authentication by default. This allows privilege escalation by a malicious local user. Administrators are advised to disable JMX, or set up a JMX password. Note that version 3.7.4 onward will set up a JMX...
PT-2023-20578 · Apache · Apache James Server
Name of the Vulnerable Software and Affected Versions: Apache James server versions 3.7.3 and earlier Description: The issue allows privilege escalation by a malicious local user due to the JMX management service being provided without authentication by default. Administrators are advised to take...