Lucene search
ApacheCVELIST:CVE-2023-51518HistoryFeb 27, 2024 - 9:09 a.m.
CVE-2023-51518 Apache James server: Privilege escalation via JMX pre-authentication deserialisation
2024-02-2709:09:31
CWE-502
apache
www.cve.org
apache james
privilege escalation
jmx
pre-authentication
vulnerability
upgrade
isolation
docker
virtual machine
Apache James prior to version 3.7.5 and 3.8.0 exposes a JMX endpoint on localhost subject to pre-authentication deserialisation of untrusted data.
Given a deserialisation gadjet, this could be leveraged as part of an exploit chain that could result in privilege escalation.
Note that by default JMX endpoint is only bound locally.
We recommend users to:
Ā - Upgrade to a non-vulnerable Apache James version
- Run Apache James isolated from other processes (docker - dedicated virtual machine)
Ā - If possible turn off JMX
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "Apache James server",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "3.7.4",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "3.8.0",
"status": "affected",
"version": "3.8",
"versionType": "custom"
}
]
}
]Related
veracode
veracode
Deserialization Of Untrusted Data
2024-02-29 08:00:04
github
github
nvd
nvd
CVE-2023-51518
2024-02-27 09:15:36
osv
osv
prion
prion
Authentication flaw
2024-02-27 09:15:00
cve
cve
CVE-2023-51518
2024-02-27 09:15:36