vendor:
James Server
by:
shinris3n
N/A
CVSS
HIGH
Remote Command Execution (RCE)
78
CWE
Product Name: James Server
Affected Version From: 2.3.2002
Affected Version To: 2.3.2002
Patch Exists: NO
Related CWE:
CPE: a:apache:james_server:2.3.2
Platforms Tested: Ubuntu
2021
Apache James Server 2.3.2 – Remote Command Execution (RCE) (Authenticated) (2)
This exploit allows an attacker to execute remote commands on an Apache James Server 2.3.2 installation. It requires authentication and works on the default installation.
Mitigation:
Upgrade to a patched version of Apache James Server.