| |
Vulnerability CVE-2023-26269
Published: 2023-04-03
| Description: |
Apache James server version 3.7.3 and earlier provides a JMX management service without authentication by default. This allows privilege escalation by a malicious local user. Administrators are advised to disable JMX, or set up a JMX password. Note that version 3.7.4 onward will set up a JMX password automatically for Guice users. |
Type:
CWE-862 (Missing Authorization)
References: |
https://lists.apache.org/thread/2z44rg93pflbjhvbwy3xtz505bx41cbs
|
|
|
closedb();
?>
Copyright 2026, cxsecurity.com
|
|
|