Количество 2
Количество 2
CVE-2017-12628
The JMX server embedded in Apache James, also used by the command line client is exposed to a java de-serialization issue, and thus can be used to execute arbitrary commands. As James exposes JMX socket by default only on local-host, this vulnerability can only be used for privilege escalation. Release 3.0.1 upgrades the incriminated library.
GHSA-xj7q-q94c-6wr3
Apache James Privilege Escalation
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2017-12628 The JMX server embedded in Apache James, also used by the command line client is exposed to a java de-serialization issue, and thus can be used to execute arbitrary commands. As James exposes JMX socket by default only on local-host, this vulnerability can only be used for privilege escalation. Release 3.0.1 upgrades the incriminated library. | CVSS3: 7.8 | 0% Низкий | больше 8 лет назад |
| GHSA-xj7q-q94c-6wr3 Apache James Privilege Escalation | CVSS3: 7.8 | 0% Низкий | больше 3 лет назад |
Уязвимостей на страницу