Vulnerability identifier: #VU59161
Vulnerability risk: Medium
CVSSv3.1: 4.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-77
Exploitation vector: Network
Exploit availability: No
Vulnerable software:
Apache James
Server applications /
Mail servers
Vendor: Apache Foundation
Description
The vulnerability allows a remote attacker to inject arbitrary commands.
The vulnerability exists due to incorrect implementation of the STARTTLS command in the IMAP and POP3 servers. A remote attacker with ability to perform MitM attack can inject arbitrary IMAP or POP3 commands before successful initialization of the TLS session and execute these commands after the session was initialized.
Mitigation
Install updates from vendor's website.
Vulnerable software versions
Apache James: 3.6.0, 3.5.0, 2.3.0 - 2.3.2.1, 3.4.0, 3.3.0, 3.2.0, 3.1.0, 3.0 beta2 - 3.0.1, 2.2.0, 2.1 - 2.1.3
External links
http://seclists.org/oss-sec/2022/q1/1
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.