Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/mbadanoiu/cve-2023-26269

CVE-2023-26269: Misconfigured JMX in Apache James
https://github.com/mbadanoiu/cve-2023-26269

cve cve-2023-26269 cves

Last synced: 2 days ago
JSON representation

CVE-2023-26269: Misconfigured JMX in Apache James

Host: GitHub
URL: https://github.com/mbadanoiu/cve-2023-26269
Owner: mbadanoiu
Created: 2023-11-23T21:55:30.000Z (12 months ago)
Default Branch: main
Last Pushed: 2023-11-23T22:10:35.000Z (12 months ago)
Last Synced: 2023-11-24T00:29:07.511Z (12 months ago)
Topics: cve, cve-2023-26269, cves
Homepage:
Size: 1.4 MB
Stars: 0
Watchers: 1
Forks: 0
Open Issues: 0
Metadata Files:
- Readme: README.md

Awesome Lists containing this project

README

# CVE-2023-26269: Misconfigured JMX in Apache James

By default Apache James opens a JMXRMI service that listens on localhost, port 9999. Because the JMX is misconfigured to allow unauthenticated access, an attacker that has local access to the machine running James can use a [“MLet attack”](https://mogwailabs.de/en/blog/2019/04/attacking-rmi-based-jmx-services/) in order to load arbitrary MBeans and execute malicious Java code.

Because the application requires elevated privileges to listen on SMTP, POP3, IMAP (25, 110, 143) ports, the application will usually be run as the “root” user increasing the impact of a potential Local Privilege Escalation (LPE) attack.

### Vendor Disclosure:

The vendor's disclosure and fix for this vulnerability can be found [here](https://lists.apache.org/thread/2z44rg93pflbjhvbwy3xtz505bx41cbs).

### Proof Of Concept:

More details and the exploitation process can be found in this [PDF](https://github.com/mbadanoiu/CVE-2023-26269/blob/main/Apache%20James%20-%20CVE-2023-26269.pdf).