Количество 2
Количество 2
CVE-2023-26269
Apache James server version 3.7.3 and earlier provides a JMX management service without authentication by default. This allows privilege escalation by a malicious local user. Administrators are advised to disable JMX, or set up a JMX password. Note that version 3.7.4 onward will set up a JMX password automatically for Guice users.
GHSA-w7r6-v4j7-h94w
Apache James server's JMX management service vulnerable to privilege escalation by local user
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2023-26269 Apache James server version 3.7.3 and earlier provides a JMX management service without authentication by default. This allows privilege escalation by a malicious local user. Administrators are advised to disable JMX, or set up a JMX password. Note that version 3.7.4 onward will set up a JMX password automatically for Guice users. | CVSS3: 7.8 | 1% Низкий | почти 3 года назад |
| GHSA-w7r6-v4j7-h94w Apache James server's JMX management service vulnerable to privilege escalation by local user | CVSS3: 7.8 | 1% Низкий | почти 3 года назад |
Уязвимостей на страницу