Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Security Advisories: GSA_kwCzR0hTQS1weDd3LWM5Z3ctN2dqM84AA5hU
Apache James server: Privilege escalation via JMX pre-authentication deserialization
Apache James prior to version 3.7.5 and 3.8.0 exposes a JMX endpoint on localhost subject to pre-authentication deserialisation of untrusted data.
Given a deserialisation gadjet, this could be leveraged as part of an exploit chain that could result in privilege escalation.
Note that by default JMX endpoint is only bound locally.
We recommend users to:
- Upgrade to a non-vulnerable Apache James version
- Run Apache James isolated from other processes (docker - dedicated virtual machine)
- If possible turn off JMX
JSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS1weDd3LWM5Z3ctN2dqM84AA5hU
Source: GitHub Advisory Database
Origin: Unspecified
Severity: Moderate
Classification: General
Published: 2 months ago
Updated: 2 months ago
Identifiers: GHSA-px7w-c9gw-7gj3, CVE-2023-51518
References:
- https://nvd.nist.gov/vuln/detail/CVE-2023-51518
- https://lists.apache.org/thread/wbdm61ch6l0kzjn6nnfmyqlng82qz0or
- https://github.com/advisories/GHSA-px7w-c9gw-7gj3
Affected Packages
maven:org.apache.james:james-server
Dependent packages: 1Dependent repositories: 15
Downloads:
Affected Version Ranges: >= 3.8.0, < 3.8.1, <= 3.7.4
Fixed in: 3.8.1, 3.7.5
All affected versions: 3.0.0, 3.0.1, 3.1.0, 3.2.0, 3.3.0, 3.4.0, 3.5.0, 3.6.0, 3.6.2, 3.7.0, 3.7.1, 3.7.2, 3.7.3, 3.7.4, 3.8.0
All unaffected versions: 3.7.5, 3.8.1