mbadanoiu/MAL-010

MAL-010: Dangerous MBeans Accessible via JMX in Apache James

Listing and inspecting the MBeans exposed over JMX on localhost, port 9999, identified the following attack vectors:

  • Arbitrary File Write using Log4J
  • Arbitrary File Read using Log4J

Note: Unlike the “MLet attack” presented in CVE-2023-26269, this vulnerability also works when authentication is required, provided the attacker knows the JMX credentials.

Vendor Disclosure:

This vulnerability represents an alternative attack vector for CVE-2023-26269; the vendor's disclosure and fix for this vulnerability can therefore be found here.

Proof Of Concept:

More details and the exploitation process can be found in this PDF.

Additional Resources:

CVE-2023-26269: Misconfigured JMX in Apache James
